grpc 1.66.0 → 1.71.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Makefile +316 -329
- data/include/grpc/compression.h +1 -2
- data/include/grpc/credentials.h +2 -3
- data/include/grpc/event_engine/README.md +1 -1
- data/include/grpc/event_engine/endpoint_config.h +7 -7
- data/include/grpc/event_engine/event_engine.h +56 -14
- data/include/grpc/event_engine/extensible.h +2 -2
- data/include/grpc/event_engine/internal/memory_allocator_impl.h +4 -4
- data/include/grpc/event_engine/internal/slice_cast.h +1 -1
- data/include/grpc/event_engine/memory_allocator.h +3 -4
- data/include/grpc/event_engine/memory_request.h +1 -2
- data/include/grpc/event_engine/slice.h +3 -5
- data/include/grpc/event_engine/slice_buffer.h +6 -8
- data/include/grpc/grpc.h +1 -2
- data/include/grpc/grpc_audit_logging.h +3 -3
- data/include/grpc/grpc_crl_provider.h +5 -5
- data/include/grpc/grpc_posix.h +1 -2
- data/include/grpc/grpc_security.h +1 -2
- data/include/grpc/impl/call.h +2 -2
- data/include/grpc/impl/channel_arg_names.h +3 -1
- data/include/grpc/impl/grpc_types.h +1 -2
- data/include/grpc/impl/slice_type.h +1 -2
- data/include/grpc/passive_listener.h +2 -2
- data/include/grpc/status.h +1 -1
- data/include/grpc/support/alloc.h +1 -2
- data/include/grpc/support/atm.h +0 -13
- data/include/grpc/support/json.h +17 -18
- data/include/grpc/support/log.h +35 -34
- data/include/grpc/support/metrics.h +7 -3
- data/include/grpc/support/port_platform.h +6 -1
- data/include/grpc/support/sync_generic.h +2 -4
- data/include/grpc/support/sync_posix.h +1 -2
- data/include/grpc/support/time.h +1 -2
- data/src/core/call/request_buffer.cc +224 -0
- data/src/core/call/request_buffer.h +192 -0
- data/src/core/channelz/channel_trace.cc +5 -6
- data/src/core/channelz/channel_trace.h +5 -7
- data/src/core/channelz/channelz.cc +7 -9
- data/src/core/channelz/channelz.h +11 -32
- data/src/core/channelz/channelz_registry.cc +6 -15
- data/src/core/channelz/channelz_registry.h +4 -5
- data/src/core/client_channel/backup_poller.cc +21 -11
- data/src/core/client_channel/client_channel.cc +51 -55
- data/src/core/client_channel/client_channel.h +7 -5
- data/src/core/client_channel/client_channel_args.h +21 -0
- data/src/core/client_channel/client_channel_factory.cc +2 -2
- data/src/core/client_channel/client_channel_factory.h +1 -2
- data/src/core/client_channel/client_channel_filter.cc +91 -162
- data/src/core/client_channel/client_channel_filter.h +23 -21
- data/src/core/client_channel/client_channel_internal.h +2 -5
- data/src/core/client_channel/client_channel_plugin.cc +3 -4
- data/src/core/client_channel/client_channel_service_config.cc +3 -4
- data/src/core/client_channel/client_channel_service_config.h +9 -11
- data/src/core/client_channel/config_selector.h +4 -8
- data/src/core/client_channel/connector.h +3 -3
- data/src/core/client_channel/direct_channel.cc +4 -4
- data/src/core/client_channel/direct_channel.h +1 -1
- data/src/core/client_channel/dynamic_filters.cc +10 -10
- data/src/core/client_channel/dynamic_filters.h +8 -7
- data/src/core/client_channel/global_subchannel_pool.cc +2 -2
- data/src/core/client_channel/global_subchannel_pool.h +2 -3
- data/src/core/client_channel/lb_metadata.cc +7 -8
- data/src/core/client_channel/lb_metadata.h +5 -6
- data/src/core/client_channel/load_balanced_call_destination.cc +6 -7
- data/src/core/client_channel/load_balanced_call_destination.h +0 -1
- data/src/core/client_channel/local_subchannel_pool.cc +2 -5
- data/src/core/client_channel/local_subchannel_pool.h +1 -1
- data/src/core/client_channel/retry_filter.cc +6 -8
- data/src/core/client_channel/retry_filter.h +5 -9
- data/src/core/client_channel/retry_filter_legacy_call_data.cc +197 -281
- data/src/core/client_channel/retry_filter_legacy_call_data.h +18 -19
- data/src/core/client_channel/retry_interceptor.cc +408 -0
- data/src/core/client_channel/retry_interceptor.h +157 -0
- data/src/core/client_channel/retry_service_config.cc +7 -9
- data/src/core/client_channel/retry_service_config.h +19 -8
- data/src/core/client_channel/retry_throttle.cc +34 -20
- data/src/core/client_channel/retry_throttle.h +6 -9
- data/src/core/client_channel/subchannel.cc +76 -118
- data/src/core/client_channel/subchannel.h +21 -20
- data/src/core/client_channel/subchannel_interface_internal.h +1 -1
- data/src/core/client_channel/subchannel_pool_interface.cc +1 -3
- data/src/core/client_channel/subchannel_pool_interface.h +2 -3
- data/src/core/client_channel/subchannel_stream_client.cc +7 -11
- data/src/core/client_channel/subchannel_stream_client.h +11 -13
- data/src/core/config/config_vars.cc +152 -0
- data/src/core/config/config_vars.h +129 -0
- data/src/core/config/config_vars_non_generated.cc +49 -0
- data/src/core/config/core_configuration.cc +111 -0
- data/src/core/config/core_configuration.h +242 -0
- data/src/core/config/load_config.cc +78 -0
- data/src/core/config/load_config.h +54 -0
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.cc +21 -29
- data/src/core/ext/filters/backend_metrics/backend_metric_filter.h +7 -8
- data/src/core/ext/filters/census/grpc_context.cc +1 -2
- data/src/core/ext/filters/channel_idle/idle_filter_state.cc +1 -2
- data/src/core/ext/filters/channel_idle/idle_filter_state.h +0 -1
- data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.cc +17 -20
- data/src/core/ext/filters/channel_idle/legacy_channel_idle_filter.h +6 -8
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +20 -25
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +7 -9
- data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.cc +3 -4
- data/src/core/ext/filters/fault_injection/fault_injection_service_config_parser.h +4 -7
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.cc +198 -0
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_filter.h +97 -0
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_service_config_parser.cc +80 -0
- data/src/core/ext/filters/gcp_authentication/gcp_authentication_service_config_parser.h +86 -0
- data/src/core/ext/filters/http/client/http_client_filter.cc +13 -13
- data/src/core/ext/filters/http/client/http_client_filter.h +4 -5
- data/src/core/ext/filters/http/client_authority_filter.cc +13 -17
- data/src/core/ext/filters/http/client_authority_filter.h +6 -7
- data/src/core/ext/filters/http/http_filters_plugin.cc +1 -2
- data/src/core/ext/filters/http/message_compress/compression_filter.cc +49 -41
- data/src/core/ext/filters/http/message_compress/compression_filter.h +19 -17
- data/src/core/ext/filters/http/server/http_server_filter.cc +16 -18
- data/src/core/ext/filters/http/server/http_server_filter.h +4 -5
- data/src/core/ext/filters/message_size/message_size_filter.cc +32 -39
- data/src/core/ext/filters/message_size/message_size_filter.h +22 -25
- data/src/core/ext/filters/rbac/rbac_filter.cc +6 -13
- data/src/core/ext/filters/rbac/rbac_filter.h +6 -8
- data/src/core/ext/filters/rbac/rbac_service_config_parser.cc +17 -11
- data/src/core/ext/filters/rbac/rbac_service_config_parser.h +2 -4
- data/src/core/ext/filters/stateful_session/stateful_session_filter.cc +12 -14
- data/src/core/ext/filters/stateful_session/stateful_session_filter.h +6 -8
- data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.cc +3 -4
- data/src/core/ext/filters/stateful_session/stateful_session_service_config_parser.h +5 -7
- data/src/core/ext/transport/chttp2/alpn/alpn.cc +1 -3
- data/src/core/ext/transport/chttp2/alpn/alpn.h +1 -2
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +21 -26
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +7 -7
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +762 -191
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +191 -15
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +7 -7
- data/src/core/ext/transport/chttp2/transport/bin_decoder.h +2 -3
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +4 -7
- data/src/core/ext/transport/chttp2/transport/bin_encoder.h +1 -2
- data/src/core/ext/transport/chttp2/transport/call_tracer_wrapper.cc +53 -0
- data/src/core/ext/transport/chttp2/transport/call_tracer_wrapper.h +72 -0
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +500 -394
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +12 -13
- data/src/core/ext/transport/chttp2/transport/context_list_entry.h +1 -2
- data/src/core/ext/transport/chttp2/transport/decode_huff.h +4 -4
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +7 -10
- data/src/core/ext/transport/chttp2/transport/flow_control.h +5 -8
- data/src/core/ext/transport/chttp2/transport/frame.cc +24 -7
- data/src/core/ext/transport/chttp2/transport/frame.h +16 -7
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +17 -14
- data/src/core/ext/transport/chttp2/transport/frame_data.h +2 -4
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +11 -14
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +1 -2
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +8 -10
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +1 -2
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +7 -9
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +1 -2
- data/src/core/ext/transport/chttp2/transport/frame_security.cc +80 -0
- data/src/core/ext/transport/chttp2/transport/frame_security.h +44 -0
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +29 -16
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +3 -4
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +21 -4
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +1 -2
- data/src/core/ext/transport/chttp2/transport/hpack_constants.h +2 -2
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +12 -14
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +6 -8
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.cc +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_encoder_table.h +4 -5
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.cc +2 -4
- data/src/core/ext/transport/chttp2/transport/hpack_parse_result.h +6 -9
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +39 -40
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +9 -12
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.cc +38 -8
- data/src/core/ext/transport/chttp2/transport/hpack_parser_table.h +29 -10
- data/src/core/ext/transport/chttp2/transport/http2_settings.cc +13 -5
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +12 -6
- data/src/core/ext/transport/chttp2/transport/internal.h +58 -110
- data/src/core/ext/transport/chttp2/transport/legacy_frame.h +1 -0
- data/src/core/ext/transport/chttp2/transport/parsing.cc +79 -55
- data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.cc +4 -4
- data/src/core/ext/transport/chttp2/transport/ping_abuse_policy.h +3 -3
- data/src/core/ext/transport/chttp2/transport/ping_callbacks.cc +4 -5
- data/src/core/ext/transport/chttp2/transport/ping_callbacks.h +5 -7
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.cc +6 -7
- data/src/core/ext/transport/chttp2/transport/ping_rate_policy.h +4 -6
- data/src/core/ext/transport/chttp2/transport/stream_lists.cc +11 -11
- data/src/core/ext/transport/chttp2/transport/stream_lists.h +65 -0
- data/src/core/ext/transport/chttp2/transport/varint.cc +6 -6
- data/src/core/ext/transport/chttp2/transport/varint.h +1 -3
- data/src/core/ext/transport/chttp2/transport/write_size_policy.cc +2 -3
- data/src/core/ext/transport/chttp2/transport/write_size_policy.h +3 -4
- data/src/core/ext/transport/chttp2/transport/writing.cc +49 -55
- data/src/core/ext/transport/inproc/inproc_transport.cc +7 -10
- data/src/core/ext/transport/inproc/legacy_inproc_transport.cc +27 -24
- data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb.h +35 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb_minitable.c +25 -18
- data/src/core/ext/upb-gen/envoy/admin/v3/certs.upb_minitable.h +10 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/clusters.upb.h +36 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/clusters.upb_minitable.c +24 -18
- data/src/core/ext/upb-gen/envoy/admin/v3/clusters.upb_minitable.h +9 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump.upb.h +39 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump.upb_minitable.c +29 -22
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump.upb_minitable.h +10 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb.h +140 -5
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb_minitable.c +105 -84
- data/src/core/ext/upb-gen/envoy/admin/v3/config_dump_shared.upb_minitable.h +24 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/init_dump.upb.h +10 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/init_dump.upb_minitable.c +8 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/init_dump.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/listeners.upb.h +17 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/listeners.upb_minitable.c +12 -8
- data/src/core/ext/upb-gen/envoy/admin/v3/listeners.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/memory.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/memory.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/envoy/admin/v3/memory.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/metrics.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/metrics.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/envoy/admin/v3/metrics.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/mutex_stats.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/mutex_stats.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/envoy/admin/v3/mutex_stats.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb.h +35 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb_minitable.c +19 -14
- data/src/core/ext/upb-gen/envoy/admin/v3/server_info.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/tap.upb.h +7 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/tap.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/envoy/admin/v3/tap.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/annotations/deprecation.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/annotations/deprecation.upb_minitable.c +7 -1
- data/src/core/ext/upb-gen/envoy/annotations/deprecation.upb_minitable.h +5 -4
- data/src/core/ext/upb-gen/envoy/annotations/resource.upb.h +7 -6
- data/src/core/ext/upb-gen/envoy/annotations/resource.upb_minitable.c +10 -6
- data/src/core/ext/upb-gen/envoy/annotations/resource.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb.h +61 -4
- data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb_minitable.c +66 -48
- data/src/core/ext/upb-gen/envoy/config/accesslog/v3/accesslog.upb_minitable.h +21 -4
- data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb.h +183 -4
- data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb_minitable.c +131 -106
- data/src/core/ext/upb-gen/envoy/config/bootstrap/v3/bootstrap.upb_minitable.h +28 -4
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/circuit_breaker.upb.h +31 -4
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/circuit_breaker.upb_minitable.c +22 -17
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/circuit_breaker.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb.h +251 -40
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb_minitable.c +169 -140
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/cluster.upb_minitable.h +30 -4
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/filter.upb.h +9 -4
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/filter.upb_minitable.c +8 -5
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/filter.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb.h +56 -4
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb_minitable.c +30 -27
- data/src/core/ext/upb-gen/envoy/config/cluster/v3/outlier_detection.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb.h +96 -4
- data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb_minitable.c +80 -63
- data/src/core/ext/upb-gen/envoy/config/common/matcher/v3/matcher.upb_minitable.h +20 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb.h +44 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb_minitable.c +36 -26
- data/src/core/ext/upb-gen/envoy/config/core/v3/address.upb_minitable.h +13 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/backoff.upb.h +9 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/backoff.upb_minitable.c +8 -5
- data/src/core/ext/upb-gen/envoy/config/core/v3/backoff.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb.h +225 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.c +138 -81
- data/src/core/ext/upb-gen/envoy/config/core/v3/base.upb_minitable.h +36 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb.h +46 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb_minitable.c +36 -27
- data/src/core/ext/upb-gen/envoy/config/core/v3/config_source.upb_minitable.h +12 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/event_service_config.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/extension.upb.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/extension.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/extension.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_method_list.upb.h +10 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_method_list.upb_minitable.c +8 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_method_list.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb.h +71 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb_minitable.c +61 -45
- data/src/core/ext/upb-gen/envoy/config/core/v3/grpc_service.upb_minitable.h +19 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb.h +92 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb_minitable.c +55 -44
- data/src/core/ext/upb-gen/envoy/config/core/v3/health_check.upb_minitable.h +14 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb.h +12 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb_minitable.c +8 -5
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_service.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/http_uri.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb.h +196 -10
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.c +101 -77
- data/src/core/ext/upb-gen/envoy/config/core/v3/protocol.upb_minitable.h +21 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/proxy_protocol.upb.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/proxy_protocol.upb_minitable.c +8 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/proxy_protocol.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/resolver.upb.h +12 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/resolver.upb_minitable.c +9 -5
- data/src/core/ext/upb-gen/envoy/config/core/v3/resolver.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb.h +151 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.c +60 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_cmsg_headers.upb_minitable.h +32 -0
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb.h +238 -25
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.c +73 -21
- data/src/core/ext/upb-gen/envoy/config/core/v3/socket_option.upb_minitable.h +13 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb.h +16 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb_minitable.c +11 -7
- data/src/core/ext/upb-gen/envoy/config/core/v3/substitution_format_string.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/udp_socket_config.upb.h +9 -4
- data/src/core/ext/upb-gen/envoy/config/core/v3/udp_socket_config.upb_minitable.c +8 -5
- data/src/core/ext/upb-gen/envoy/config/core/v3/udp_socket_config.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb.h +35 -4
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb_minitable.c +23 -17
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint.upb_minitable.h +9 -4
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb.h +48 -4
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb_minitable.c +41 -32
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/endpoint_components.upb_minitable.h +12 -4
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/load_report.upb.h +44 -4
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/load_report.upb_minitable.c +27 -19
- data/src/core/ext/upb-gen/envoy/config/endpoint/v3/load_report.upb_minitable.h +11 -4
- data/src/core/ext/upb-gen/envoy/config/listener/v3/api_listener.upb.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/listener/v3/api_listener.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/envoy/config/listener/v3/api_listener.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb.h +83 -4
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb_minitable.c +53 -41
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener.upb_minitable.h +15 -4
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb.h +69 -106
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.c +48 -60
- data/src/core/ext/upb-gen/envoy/config/listener/v3/listener_components.upb_minitable.h +11 -5
- data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb.h +112 -4
- data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb_minitable.c +41 -16
- data/src/core/ext/upb-gen/envoy/config/listener/v3/quic_config.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/listener/v3/udp_listener_config.upb.h +11 -4
- data/src/core/ext/upb-gen/envoy/config/listener/v3/udp_listener_config.upb_minitable.c +10 -6
- data/src/core/ext/upb-gen/envoy/config/listener/v3/udp_listener_config.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/metrics_service.upb.h +9 -4
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/metrics_service.upb_minitable.c +8 -5
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/metrics_service.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb.h +33 -4
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb_minitable.c +34 -24
- data/src/core/ext/upb-gen/envoy/config/metrics/v3/stats.upb_minitable.h +13 -4
- data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb.h +53 -5
- data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb_minitable.c +41 -29
- data/src/core/ext/upb-gen/envoy/config/overload/v3/overload.upb_minitable.h +15 -4
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb.h +248 -4
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.c +106 -63
- data/src/core/ext/upb-gen/envoy/config/rbac/v3/rbac.upb_minitable.h +18 -4
- data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb.h +52 -4
- data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb_minitable.c +24 -19
- data/src/core/ext/upb-gen/envoy/config/route/v3/route.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb.h +688 -8
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.c +374 -257
- data/src/core/ext/upb-gen/envoy/config/route/v3/route_components.upb_minitable.h +67 -4
- data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb.h +14 -4
- data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb_minitable.c +13 -8
- data/src/core/ext/upb-gen/envoy/config/route/v3/scoped_route.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb.h +69 -4
- data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb_minitable.c +59 -45
- data/src/core/ext/upb-gen/envoy/config/tap/v3/common.upb_minitable.h +17 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/datadog.upb.h +9 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/datadog.upb_minitable.c +11 -7
- data/src/core/ext/upb-gen/envoy/config/trace/v3/datadog.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/dynamic_ot.upb.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/dynamic_ot.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/dynamic_ot.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb.h +9 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb_minitable.c +11 -7
- data/src/core/ext/upb-gen/envoy/config/trace/v3/http_tracer.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/lightstep.upb.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/lightstep.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/lightstep.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb.h +16 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb_minitable.c +10 -7
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opentelemetry.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/service.upb.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/service.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/service.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb.h +11 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb_minitable.c +12 -8
- data/src/core/ext/upb-gen/envoy/config/trace/v3/skywalking.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb.h +5 -6
- data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.c +3 -2
- data/src/core/ext/upb-gen/envoy/config/trace/v3/trace.upb_minitable.h +5 -5
- data/src/core/ext/upb-gen/envoy/config/trace/v3/xray.upb.h +13 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/xray.upb_minitable.c +13 -9
- data/src/core/ext/upb-gen/envoy/config/trace/v3/xray.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/zipkin.upb.h +7 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/zipkin.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/envoy/config/trace/v3/zipkin.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb.h +102 -4
- data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb_minitable.c +72 -54
- data/src/core/ext/upb-gen/envoy/data/accesslog/v3/accesslog.upb_minitable.h +21 -4
- data/src/core/ext/upb-gen/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/extensions/clusters/aggregate/v3/cluster.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/envoy/extensions/clusters/aggregate/v3/cluster.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb.h +17 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb_minitable.c +18 -11
- data/src/core/ext/upb-gen/envoy/extensions/filters/common/fault/v3/fault.upb_minitable.h +10 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb.h +24 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb_minitable.c +18 -13
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/fault/v3/fault.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb.h +444 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb_minitable.c +135 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upb_minitable.h +38 -0
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/rbac/v3/rbac.upb.h +15 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/rbac/v3/rbac.upb_minitable.c +14 -10
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/rbac/v3/rbac.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb.h +21 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb_minitable.c +14 -10
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/router/v3/router.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb.h +9 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb_minitable.c +11 -7
- data/src/core/ext/upb-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +197 -4
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb_minitable.c +137 -113
- data/src/core/ext/upb-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb_minitable.h +26 -4
- data/src/core/ext/upb-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb.h +7 -4
- data/src/core/ext/upb-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb.h +77 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb_minitable.c +25 -11
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/client_side_weighted_round_robin/v3/client_side_weighted_round_robin.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb.h +21 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb_minitable.c +24 -17
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/common/v3/common.upb_minitable.h +10 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/pick_first/v3/pick_first.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb.h +15 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb_minitable.c +11 -8
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/ring_hash/v3/ring_hash.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb.h +7 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/envoy/extensions/load_balancing_policies/wrr_locality/v3/wrr_locality.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb.h +105 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb_minitable.c +51 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upb_minitable.h +32 -0
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/cert.upb_minitable.c +3 -1
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/cert.upb_minitable.h +5 -4
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb.h +59 -4
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb_minitable.c +42 -32
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/common.upb_minitable.h +13 -4
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +17 -4
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb_minitable.c +18 -13
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/secret.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +179 -28
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb_minitable.c +79 -61
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls.upb_minitable.h +12 -4
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb.h +49 -11
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb_minitable.c +17 -11
- data/src/core/ext/upb-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb.h +42 -4
- data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb_minitable.c +32 -26
- data/src/core/ext/upb-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upb_minitable.h +9 -4
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/ads.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/ads.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/ads.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb.h +337 -22
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.c +102 -61
- data/src/core/ext/upb-gen/envoy/service/discovery/v3/discovery.upb_minitable.h +21 -4
- data/src/core/ext/upb-gen/envoy/service/load_stats/v3/lrs.upb.h +14 -4
- data/src/core/ext/upb-gen/envoy/service/load_stats/v3/lrs.upb_minitable.c +12 -8
- data/src/core/ext/upb-gen/envoy/service/load_stats/v3/lrs.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb.h +47 -5
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb_minitable.c +32 -25
- data/src/core/ext/upb-gen/envoy/service/status/v3/csds.upb_minitable.h +10 -4
- data/src/core/ext/upb-gen/envoy/type/http/v3/cookie.upb.h +7 -4
- data/src/core/ext/upb-gen/envoy/type/http/v3/cookie.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/envoy/type/http/v3/cookie.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb.h +14 -4
- data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb_minitable.c +14 -8
- data/src/core/ext/upb-gen/envoy/type/http/v3/path_transformation.upb_minitable.h +9 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb.h +142 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb_minitable.c +55 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/address.upb_minitable.h +32 -0
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb.h +40 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb_minitable.c +13 -7
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/filter_state.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/http_inputs.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/http_inputs.upb_minitable.c +8 -1
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/http_inputs.upb_minitable.h +10 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb.h +12 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb_minitable.c +9 -5
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/metadata.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/node.upb.h +12 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/node.upb_minitable.c +8 -5
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/node.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb.h +7 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/number.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb.h +7 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/path.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb.h +11 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb_minitable.c +15 -10
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/regex.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/status_code_input.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/status_code_input.upb_minitable.c +5 -1
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/status_code_input.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb.h +14 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb_minitable.c +12 -8
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/string.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb.h +12 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb_minitable.c +9 -5
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/struct.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb.h +22 -4
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb_minitable.c +20 -14
- data/src/core/ext/upb-gen/envoy/type/matcher/v3/value.upb_minitable.h +9 -4
- data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb.h +18 -4
- data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb_minitable.c +19 -10
- data/src/core/ext/upb-gen/envoy/type/metadata/v3/metadata.upb_minitable.h +12 -4
- data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb.h +17 -4
- data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb_minitable.c +18 -11
- data/src/core/ext/upb-gen/envoy/type/tracing/v3/custom_tag.upb_minitable.h +10 -4
- data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb.h +9 -4
- data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb_minitable.c +10 -5
- data/src/core/ext/upb-gen/envoy/type/v3/hash_policy.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/type/v3/http.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/type/v3/http.upb_minitable.c +3 -1
- data/src/core/ext/upb-gen/envoy/type/v3/http.upb_minitable.h +5 -4
- data/src/core/ext/upb-gen/envoy/type/v3/http_status.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/type/v3/http_status.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/envoy/type/v3/http_status.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/type/v3/percent.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/type/v3/percent.upb_minitable.c +5 -1
- data/src/core/ext/upb-gen/envoy/type/v3/percent.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/type/v3/range.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/type/v3/range.upb_minitable.c +6 -1
- data/src/core/ext/upb-gen/envoy/type/v3/range.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb.h +9 -4
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb_minitable.c +9 -5
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_strategy.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_unit.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_unit.upb_minitable.c +3 -1
- data/src/core/ext/upb-gen/envoy/type/v3/ratelimit_unit.upb_minitable.h +5 -4
- data/src/core/ext/upb-gen/envoy/type/v3/semantic_version.upb.h +5 -4
- data/src/core/ext/upb-gen/envoy/type/v3/semantic_version.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/envoy/type/v3/semantic_version.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/envoy/type/v3/token_bucket.upb.h +9 -4
- data/src/core/ext/upb-gen/envoy/type/v3/token_bucket.upb_minitable.c +8 -5
- data/src/core/ext/upb-gen/envoy/type/v3/token_bucket.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/google/api/annotations.upb.h +7 -6
- data/src/core/ext/upb-gen/google/api/annotations.upb_minitable.c +5 -2
- data/src/core/ext/upb-gen/google/api/annotations.upb_minitable.h +5 -4
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb.h +103 -4
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb_minitable.c +82 -56
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/checked.upb_minitable.h +18 -4
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb.h +482 -26
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb_minitable.c +160 -68
- data/src/core/ext/upb-gen/google/api/expr/v1alpha1/syntax.upb_minitable.h +23 -4
- data/src/core/ext/upb-gen/google/api/http.upb.h +18 -4
- data/src/core/ext/upb-gen/google/api/http.upb_minitable.c +13 -8
- data/src/core/ext/upb-gen/google/api/http.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/google/api/httpbody.upb.h +10 -4
- data/src/core/ext/upb-gen/google/api/httpbody.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/google/api/httpbody.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/google/protobuf/any.upb.h +6 -4
- data/src/core/ext/upb-gen/google/protobuf/any.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/google/protobuf/any.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb.h +202 -4
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.c +241 -206
- data/src/core/ext/upb-gen/google/protobuf/descriptor.upb_minitable.h +55 -21
- data/src/core/ext/upb-gen/google/protobuf/duration.upb.h +6 -4
- data/src/core/ext/upb-gen/google/protobuf/duration.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/google/protobuf/duration.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/google/protobuf/empty.upb.h +6 -4
- data/src/core/ext/upb-gen/google/protobuf/empty.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/google/protobuf/empty.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/google/protobuf/struct.upb.h +27 -4
- data/src/core/ext/upb-gen/google/protobuf/struct.upb_minitable.c +20 -14
- data/src/core/ext/upb-gen/google/protobuf/struct.upb_minitable.h +9 -4
- data/src/core/ext/upb-gen/google/protobuf/timestamp.upb.h +6 -4
- data/src/core/ext/upb-gen/google/protobuf/timestamp.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/google/protobuf/timestamp.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/google/protobuf/wrappers.upb.h +6 -4
- data/src/core/ext/upb-gen/google/protobuf/wrappers.upb_minitable.c +12 -1
- data/src/core/ext/upb-gen/google/protobuf/wrappers.upb_minitable.h +14 -4
- data/src/core/ext/upb-gen/google/rpc/status.upb.h +10 -4
- data/src/core/ext/upb-gen/google/rpc/status.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/google/rpc/status.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb.h +13 -4
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb_minitable.c +9 -5
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/altscontext.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb.h +63 -4
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb_minitable.c +51 -37
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/handshaker.upb_minitable.h +17 -4
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb.h +10 -4
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.c +9 -5
- data/src/core/ext/upb-gen/src/proto/grpc/gcp/transport_security_common.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/src/proto/grpc/health/v1/health.upb.h +6 -4
- data/src/core/ext/upb-gen/src/proto/grpc/health/v1/health.upb_minitable.c +5 -1
- data/src/core/ext/upb-gen/src/proto/grpc/health/v1/health.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb.h +29 -4
- data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb_minitable.c +31 -20
- data/src/core/ext/upb-gen/src/proto/grpc/lb/v1/load_balancer.upb_minitable.h +14 -4
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb.h +12 -4
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb_minitable.c +9 -4
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb.h +57 -4
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb_minitable.c +33 -22
- data/src/core/ext/upb-gen/src/proto/grpc/lookup/v1/rls_config.upb_minitable.h +14 -4
- data/src/core/ext/upb-gen/udpa/annotations/migrate.upb.h +15 -14
- data/src/core/ext/upb-gen/udpa/annotations/migrate.upb_minitable.c +22 -12
- data/src/core/ext/upb-gen/udpa/annotations/migrate.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/udpa/annotations/security.upb.h +7 -6
- data/src/core/ext/upb-gen/udpa/annotations/security.upb_minitable.c +10 -6
- data/src/core/ext/upb-gen/udpa/annotations/security.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/udpa/annotations/sensitive.upb.h +5 -4
- data/src/core/ext/upb-gen/udpa/annotations/sensitive.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/udpa/annotations/sensitive.upb_minitable.h +5 -4
- data/src/core/ext/upb-gen/udpa/annotations/status.upb.h +7 -6
- data/src/core/ext/upb-gen/udpa/annotations/status.upb_minitable.c +10 -6
- data/src/core/ext/upb-gen/udpa/annotations/status.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/udpa/annotations/versioning.upb.h +7 -6
- data/src/core/ext/upb-gen/udpa/annotations/versioning.upb_minitable.c +10 -6
- data/src/core/ext/upb-gen/udpa/annotations/versioning.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/validate/validate.upb.h +89 -6
- data/src/core/ext/upb-gen/validate/validate.upb_minitable.c +116 -87
- data/src/core/ext/upb-gen/validate/validate.upb_minitable.h +29 -5
- data/src/core/ext/upb-gen/xds/annotations/v3/migrate.upb.h +15 -14
- data/src/core/ext/upb-gen/xds/annotations/v3/migrate.upb_minitable.c +22 -12
- data/src/core/ext/upb-gen/xds/annotations/v3/migrate.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/xds/annotations/v3/security.upb.h +7 -6
- data/src/core/ext/upb-gen/xds/annotations/v3/security.upb_minitable.c +10 -6
- data/src/core/ext/upb-gen/xds/annotations/v3/security.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/annotations/v3/sensitive.upb.h +5 -4
- data/src/core/ext/upb-gen/xds/annotations/v3/sensitive.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/xds/annotations/v3/sensitive.upb_minitable.h +5 -4
- data/src/core/ext/upb-gen/xds/annotations/v3/status.upb.h +11 -10
- data/src/core/ext/upb-gen/xds/annotations/v3/status.upb_minitable.c +20 -11
- data/src/core/ext/upb-gen/xds/annotations/v3/status.upb_minitable.h +9 -4
- data/src/core/ext/upb-gen/xds/annotations/v3/versioning.upb.h +7 -6
- data/src/core/ext/upb-gen/xds/annotations/v3/versioning.upb_minitable.c +10 -6
- data/src/core/ext/upb-gen/xds/annotations/v3/versioning.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/core/v3/authority.upb.h +5 -4
- data/src/core/ext/upb-gen/xds/core/v3/authority.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/xds/core/v3/authority.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/core/v3/cidr.upb.h +7 -4
- data/src/core/ext/upb-gen/xds/core/v3/cidr.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/xds/core/v3/cidr.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb.h +11 -4
- data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb_minitable.c +12 -8
- data/src/core/ext/upb-gen/xds/core/v3/collection_entry.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/xds/core/v3/context_params.upb.h +11 -4
- data/src/core/ext/upb-gen/xds/core/v3/context_params.upb_minitable.c +8 -4
- data/src/core/ext/upb-gen/xds/core/v3/context_params.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/xds/core/v3/extension.upb.h +7 -4
- data/src/core/ext/upb-gen/xds/core/v3/extension.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/xds/core/v3/extension.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/core/v3/resource.upb.h +9 -4
- data/src/core/ext/upb-gen/xds/core/v3/resource.upb_minitable.c +8 -5
- data/src/core/ext/upb-gen/xds/core/v3/resource.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb.h +14 -4
- data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb_minitable.c +12 -8
- data/src/core/ext/upb-gen/xds/core/v3/resource_locator.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/xds/core/v3/resource_name.upb.h +7 -4
- data/src/core/ext/upb-gen/xds/core/v3/resource_name.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/xds/core/v3/resource_name.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb.h +23 -4
- data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb_minitable.c +12 -6
- data/src/core/ext/upb-gen/xds/data/orca/v3/orca_load_report.upb_minitable.h +9 -4
- data/src/core/ext/upb-gen/xds/service/orca/v3/orca.upb.h +7 -4
- data/src/core/ext/upb-gen/xds/service/orca/v3/orca.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/xds/service/orca/v3/orca.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb.h +7 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/cel.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/domain.upb.h +12 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/domain.upb_minitable.c +11 -7
- data/src/core/ext/upb-gen/xds/type/matcher/v3/domain.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/http_inputs.upb.h +5 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/http_inputs.upb_minitable.c +4 -1
- data/src/core/ext/upb-gen/xds/type/matcher/v3/http_inputs.upb_minitable.h +6 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/ip.upb.h +17 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/ip.upb_minitable.c +12 -8
- data/src/core/ext/upb-gen/xds/type/matcher/v3/ip.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb.h +63 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb_minitable.c +55 -43
- data/src/core/ext/upb-gen/xds/type/matcher/v3/matcher.upb_minitable.h +15 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/range.upb.h +41 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/range.upb_minitable.c +30 -22
- data/src/core/ext/upb-gen/xds/type/matcher/v3/range.upb_minitable.h +11 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb.h +7 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb_minitable.c +8 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/regex.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb.h +12 -4
- data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb_minitable.c +11 -7
- data/src/core/ext/upb-gen/xds/type/matcher/v3/string.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/xds/type/v3/cel.upb.h +13 -4
- data/src/core/ext/upb-gen/xds/type/v3/cel.upb_minitable.c +13 -9
- data/src/core/ext/upb-gen/xds/type/v3/cel.upb_minitable.h +7 -4
- data/src/core/ext/upb-gen/xds/type/v3/range.upb.h +6 -4
- data/src/core/ext/upb-gen/xds/type/v3/range.upb_minitable.c +6 -1
- data/src/core/ext/upb-gen/xds/type/v3/range.upb_minitable.h +8 -4
- data/src/core/ext/upb-gen/xds/type/v3/typed_struct.upb.h +7 -4
- data/src/core/ext/upb-gen/xds/type/v3/typed_struct.upb_minitable.c +7 -4
- data/src/core/ext/upb-gen/xds/type/v3/typed_struct.upb_minitable.h +6 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/certs.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/clusters.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.c +13 -11
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/config_dump_shared.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/init_dump.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/listeners.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/memory.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/metrics.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/mutex_stats.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.c +8 -5
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/server_info.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/admin/v3/tap.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/annotations/deprecation.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/annotations/resource.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/accesslog/v3/accesslog.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.c +420 -414
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/cluster.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/filter.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/cluster/v3/outlier_detection.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/common/matcher/v3/matcher.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/address.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/backoff.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.c +163 -154
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/base.upbdefs.h +10 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/config_source.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/event_service_config.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/extension.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_method_list.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/grpc_service.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/health_check.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_service.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/http_uri.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.c +272 -262
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/protocol.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/proxy_protocol.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/resolver.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.c +46 -0
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_cmsg_headers.upbdefs.h +33 -0
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.c +31 -20
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/socket_option.upbdefs.h +20 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/substitution_format_string.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/core/v3/udp_socket_config.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/endpoint/v3/load_report.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/api_listener.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.c +60 -66
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/listener_components.upbdefs.h +5 -9
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.c +75 -64
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/quic_config.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/listener/v3/udp_listener_config.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/metrics_service.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/metrics/v3/stats.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.c +51 -49
- data/src/core/ext/upbdefs-gen/envoy/config/overload/v3/overload.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.c +119 -101
- data/src/core/ext/upbdefs-gen/envoy/config/rbac/v3/rbac.upbdefs.h +10 -4
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.c +919 -899
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/route_components.upbdefs.h +15 -4
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/route/v3/scoped_route.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/tap/v3/common.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/datadog.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/dynamic_ot.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/http_tracer.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/lightstep.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opentelemetry.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/service.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/skywalking.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.c +17 -19
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/trace.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/xray.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/zipkin.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/data/accesslog/v3/accesslog.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.c +87 -0
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.upbdefs.h +48 -0
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.c +35 -34
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/rbac/v3/rbac.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/router/v3/router.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/http/stateful_session/v3/stateful_session.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +462 -458
- data/src/core/ext/upbdefs-gen/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/http/stateful_session/cookie/v3/cookie.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/http_11_proxy/v3/upstream_http_11_connect.upbdefs.h +33 -0
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +97 -96
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +204 -192
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.c +21 -18
- data/src/core/ext/upbdefs-gen/envoy/extensions/transport_sockets/tls/v3/tls_spiffe_validator_config.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/extensions/upstreams/http/v3/http_protocol_options.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/ads.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.c +150 -136
- data/src/core/ext/upbdefs-gen/envoy/service/discovery/v3/discovery.upbdefs.h +10 -4
- data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/service/load_stats/v3/lrs.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.c +25 -23
- data/src/core/ext/upbdefs-gen/envoy/service/status/v3/csds.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/cookie.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/http/v3/path_transformation.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.c +41 -0
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/address.upbdefs.h +33 -0
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.c +28 -20
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/filter_state.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/http_inputs.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/metadata.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/node.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/number.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/path.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/regex.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/status_code_input.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/string.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/struct.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/matcher/v3/value.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/metadata/v3/metadata.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/tracing/v3/custom_tag.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/hash_policy.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/http_status.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/percent.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/range.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_strategy.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/ratelimit_unit.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/semantic_version.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/envoy/type/v3/token_bucket.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/api/annotations.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.c +110 -108
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/checked.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.c +103 -79
- data/src/core/ext/upbdefs-gen/google/api/expr/v1alpha1/syntax.upbdefs.h +15 -4
- data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/api/http.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/api/httpbody.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/any.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.c +486 -484
- data/src/core/ext/upbdefs-gen/google/protobuf/descriptor.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/duration.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/empty.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/struct.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/timestamp.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/protobuf/wrappers.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/google/rpc/status.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/src/proto/grpc/lookup/v1/rls_config.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/migrate.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/security.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/sensitive.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/status.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/udpa/annotations/versioning.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/validate/validate.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/migrate.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/security.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/sensitive.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/status.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/annotations/v3/versioning.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/authority.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/cidr.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/collection_entry.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/context_params.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/extension.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_locator.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/core/v3/resource_name.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/cel.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/domain.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/http_inputs.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/ip.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/matcher.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/range.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/regex.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/matcher/v3/string.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/cel.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/range.upbdefs.h +5 -4
- data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.c +2 -1
- data/src/core/ext/upbdefs-gen/xds/type/v3/typed_struct.upbdefs.h +5 -4
- data/src/core/filter/blackboard.cc +33 -0
- data/src/core/filter/blackboard.h +70 -0
- data/src/core/filter/filter_args.h +112 -0
- data/src/core/handshaker/endpoint_info/endpoint_info_handshaker.cc +4 -5
- data/src/core/handshaker/endpoint_info/endpoint_info_handshaker.h +1 -1
- data/src/core/handshaker/handshaker.cc +29 -43
- data/src/core/handshaker/handshaker.h +8 -10
- data/src/core/handshaker/handshaker_registry.cc +1 -2
- data/src/core/handshaker/handshaker_registry.h +2 -2
- data/src/core/handshaker/http_connect/http_connect_handshaker.cc +17 -16
- data/src/core/handshaker/http_connect/http_connect_handshaker.h +1 -1
- data/src/core/handshaker/http_connect/http_proxy_mapper.cc +38 -41
- data/src/core/handshaker/http_connect/http_proxy_mapper.h +7 -8
- data/src/core/handshaker/http_connect/xds_http_proxy_mapper.cc +57 -0
- data/src/core/handshaker/http_connect/xds_http_proxy_mapper.h +46 -0
- data/src/core/handshaker/proxy_mapper.h +6 -7
- data/src/core/handshaker/proxy_mapper_registry.cc +7 -8
- data/src/core/handshaker/proxy_mapper_registry.h +6 -7
- data/src/core/handshaker/security/secure_endpoint.cc +17 -19
- data/src/core/handshaker/security/secure_endpoint.h +2 -3
- data/src/core/handshaker/security/security_handshaker.cc +76 -96
- data/src/core/handshaker/security/security_handshaker.h +3 -4
- data/src/core/handshaker/tcp_connect/tcp_connect_handshaker.cc +16 -16
- data/src/core/handshaker/tcp_connect/tcp_connect_handshaker.h +1 -1
- data/src/core/lib/address_utils/parse_address.cc +3 -4
- data/src/core/lib/address_utils/parse_address.h +2 -4
- data/src/core/lib/address_utils/sockaddr_utils.cc +4 -6
- data/src/core/lib/address_utils/sockaddr_utils.h +1 -3
- data/src/core/lib/channel/call_finalization.h +2 -2
- data/src/core/lib/channel/channel_args.cc +17 -19
- data/src/core/lib/channel/channel_args.h +19 -21
- data/src/core/lib/channel/channel_args_preconditioning.cc +2 -2
- data/src/core/lib/channel/channel_args_preconditioning.h +4 -4
- data/src/core/lib/channel/channel_stack.cc +5 -5
- data/src/core/lib/channel/channel_stack.h +17 -18
- data/src/core/lib/channel/channel_stack_builder.cc +2 -2
- data/src/core/lib/channel/channel_stack_builder.h +3 -4
- data/src/core/lib/channel/channel_stack_builder_impl.cc +5 -8
- data/src/core/lib/channel/channel_stack_builder_impl.h +15 -3
- data/src/core/lib/channel/connected_channel.cc +10 -13
- data/src/core/lib/channel/promise_based_filter.cc +184 -223
- data/src/core/lib/channel/promise_based_filter.h +99 -145
- data/src/core/lib/channel/status_util.cc +1 -3
- data/src/core/lib/channel/status_util.h +3 -3
- data/src/core/lib/compression/compression.cc +5 -6
- data/src/core/lib/compression/compression_internal.cc +14 -17
- data/src/core/lib/compression/compression_internal.h +6 -8
- data/src/core/lib/compression/message_compress.cc +3 -6
- data/src/core/lib/debug/trace.cc +5 -6
- data/src/core/lib/debug/trace_flags.cc +8 -20
- data/src/core/lib/debug/trace_flags.h +3 -5
- data/src/core/lib/debug/trace_impl.h +8 -2
- data/src/core/lib/event_engine/ares_resolver.cc +109 -82
- data/src/core/lib/event_engine/ares_resolver.h +13 -29
- data/src/core/lib/event_engine/cf_engine/cf_engine.cc +4 -8
- data/src/core/lib/event_engine/cf_engine/cf_engine.h +3 -5
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.cc +21 -10
- data/src/core/lib/event_engine/cf_engine/cfstream_endpoint.h +6 -10
- data/src/core/lib/event_engine/cf_engine/cftype_unique_ref.h +3 -5
- data/src/core/lib/event_engine/cf_engine/dns_service_resolver.cc +11 -13
- data/src/core/lib/event_engine/cf_engine/dns_service_resolver.h +5 -9
- data/src/core/lib/event_engine/channel_args_endpoint_config.cc +7 -10
- data/src/core/lib/event_engine/channel_args_endpoint_config.h +7 -9
- data/src/core/lib/event_engine/common_closures.h +5 -7
- data/src/core/lib/event_engine/default_event_engine.cc +69 -41
- data/src/core/lib/event_engine/default_event_engine.h +27 -36
- data/src/core/lib/event_engine/default_event_engine_factory.cc +8 -14
- data/src/core/lib/event_engine/default_event_engine_factory.h +4 -6
- data/src/core/lib/event_engine/event_engine.cc +4 -6
- data/src/core/lib/event_engine/extensions/can_track_errors.h +4 -6
- data/src/core/lib/event_engine/extensions/chaotic_good_extension.h +3 -6
- data/src/core/lib/event_engine/extensions/supports_fd.h +22 -7
- data/src/core/lib/event_engine/extensions/tcp_trace.h +2 -5
- data/src/core/lib/event_engine/forkable.cc +5 -8
- data/src/core/lib/event_engine/forkable.h +4 -7
- data/src/core/lib/event_engine/grpc_polled_fd.h +5 -8
- data/src/core/lib/event_engine/handle_containers.h +4 -7
- data/src/core/lib/event_engine/memory_allocator_factory.h +5 -8
- data/src/core/lib/event_engine/nameser.h +1 -1
- data/src/core/lib/event_engine/poller.h +4 -6
- data/src/core/lib/event_engine/posix.h +2 -4
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.cc +14 -62
- data/src/core/lib/event_engine/posix_engine/ev_epoll1_linux.h +10 -13
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.cc +21 -72
- data/src/core/lib/event_engine/posix_engine/ev_poll_posix.h +6 -9
- data/src/core/lib/event_engine/posix_engine/event_poller.h +5 -8
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.cc +6 -9
- data/src/core/lib/event_engine/posix_engine/event_poller_posix_default.h +4 -6
- data/src/core/lib/event_engine/posix_engine/grpc_polled_fd_posix.h +6 -10
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.cc +4 -7
- data/src/core/lib/event_engine/posix_engine/internal_errqueue.h +3 -6
- data/src/core/lib/event_engine/posix_engine/lockfree_event.cc +7 -11
- data/src/core/lib/event_engine/posix_engine/lockfree_event.h +4 -7
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.cc +4 -7
- data/src/core/lib/event_engine/posix_engine/native_posix_dns_resolver.h +4 -7
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.cc +43 -27
- data/src/core/lib/event_engine/posix_engine/posix_endpoint.h +10 -14
- data/src/core/lib/event_engine/posix_engine/posix_engine.cc +53 -34
- data/src/core/lib/event_engine/posix_engine/posix_engine.h +18 -20
- data/src/core/lib/event_engine/posix_engine/posix_engine_closure.h +5 -7
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.cc +10 -14
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener.h +16 -17
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.cc +6 -10
- data/src/core/lib/event_engine/posix_engine/posix_engine_listener_utils.h +3 -6
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.cc +13 -17
- data/src/core/lib/event_engine/posix_engine/tcp_socket_utils.h +10 -14
- data/src/core/lib/event_engine/posix_engine/timer.cc +8 -10
- data/src/core/lib/event_engine/posix_engine/timer.h +9 -13
- data/src/core/lib/event_engine/posix_engine/timer_heap.cc +4 -7
- data/src/core/lib/event_engine/posix_engine/timer_heap.h +4 -6
- data/src/core/lib/event_engine/posix_engine/timer_manager.cc +12 -20
- data/src/core/lib/event_engine/posix_engine/timer_manager.h +9 -13
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.cc +9 -16
- data/src/core/lib/event_engine/posix_engine/traced_buffer_list.h +27 -30
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.cc +7 -10
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_eventfd.h +4 -7
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.cc +6 -9
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_pipe.h +4 -7
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix.h +4 -6
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.cc +4 -7
- data/src/core/lib/event_engine/posix_engine/wakeup_fd_posix_default.h +4 -6
- data/src/core/lib/event_engine/query_extensions.h +4 -6
- data/src/core/lib/event_engine/ref_counted_dns_resolver_interface.h +5 -9
- data/src/core/lib/event_engine/resolved_address.cc +7 -9
- data/src/core/lib/event_engine/resolved_address_internal.h +2 -4
- data/src/core/lib/event_engine/shim.cc +2 -4
- data/src/core/lib/event_engine/shim.h +2 -4
- data/src/core/lib/event_engine/slice.cc +5 -10
- data/src/core/lib/event_engine/slice_buffer.cc +3 -6
- data/src/core/lib/event_engine/tcp_socket_utils.cc +9 -18
- data/src/core/lib/event_engine/tcp_socket_utils.h +8 -10
- data/src/core/lib/event_engine/thread_local.cc +2 -4
- data/src/core/lib/event_engine/thread_local.h +2 -4
- data/src/core/lib/event_engine/thread_pool/thread_count.cc +4 -9
- data/src/core/lib/event_engine/thread_pool/thread_count.h +9 -24
- data/src/core/lib/event_engine/thread_pool/thread_pool.h +4 -8
- data/src/core/lib/event_engine/thread_pool/thread_pool_factory.cc +4 -7
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.cc +15 -21
- data/src/core/lib/event_engine/thread_pool/work_stealing_thread_pool.h +9 -13
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.cc +7 -9
- data/src/core/lib/event_engine/thready_event_engine/thready_event_engine.h +7 -9
- data/src/core/lib/event_engine/time_util.cc +4 -6
- data/src/core/lib/event_engine/time_util.h +3 -6
- data/src/core/lib/event_engine/utils.cc +21 -9
- data/src/core/lib/event_engine/utils.h +12 -8
- data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.cc +128 -105
- data/src/core/lib/event_engine/windows/grpc_polled_fd_windows.h +6 -10
- data/src/core/lib/event_engine/windows/iocp.cc +6 -9
- data/src/core/lib/event_engine/windows/iocp.h +3 -6
- data/src/core/lib/event_engine/windows/native_windows_dns_resolver.cc +6 -10
- data/src/core/lib/event_engine/windows/native_windows_dns_resolver.h +2 -4
- data/src/core/lib/event_engine/windows/win_socket.cc +6 -9
- data/src/core/lib/event_engine/windows/win_socket.h +6 -9
- data/src/core/lib/event_engine/windows/windows_endpoint.cc +30 -19
- data/src/core/lib/event_engine/windows/windows_endpoint.h +4 -6
- data/src/core/lib/event_engine/windows/windows_engine.cc +13 -15
- data/src/core/lib/event_engine/windows/windows_engine.h +10 -13
- data/src/core/lib/event_engine/windows/windows_listener.cc +4 -7
- data/src/core/lib/event_engine/windows/windows_listener.h +6 -9
- data/src/core/lib/event_engine/work_queue/basic_work_queue.cc +5 -7
- data/src/core/lib/event_engine/work_queue/basic_work_queue.h +5 -9
- data/src/core/lib/event_engine/work_queue/work_queue.h +4 -7
- data/src/core/lib/experiments/config.cc +21 -22
- data/src/core/lib/experiments/config.h +1 -2
- data/src/core/lib/experiments/experiments.cc +271 -177
- data/src/core/lib/experiments/experiments.h +119 -80
- data/src/core/lib/iomgr/buffer_list.cc +4 -6
- data/src/core/lib/iomgr/buffer_list.h +23 -23
- data/src/core/lib/iomgr/call_combiner.cc +2 -4
- data/src/core/lib/iomgr/call_combiner.h +12 -16
- data/src/core/lib/iomgr/cfstream_handle.cc +8 -14
- data/src/core/lib/iomgr/cfstream_handle.h +1 -1
- data/src/core/lib/iomgr/closure.cc +2 -2
- data/src/core/lib/iomgr/closure.h +12 -18
- data/src/core/lib/iomgr/combiner.cc +10 -15
- data/src/core/lib/iomgr/combiner.h +2 -3
- data/src/core/lib/iomgr/endpoint.h +1 -2
- data/src/core/lib/iomgr/endpoint_cfstream.cc +19 -26
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +2 -5
- data/src/core/lib/iomgr/endpoint_pair_windows.cc +1 -2
- data/src/core/lib/iomgr/error.cc +8 -10
- data/src/core/lib/iomgr/error.h +6 -9
- data/src/core/lib/iomgr/error_cfstream.cc +1 -3
- data/src/core/lib/iomgr/ev_apple.cc +16 -22
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +54 -94
- data/src/core/lib/iomgr/ev_poll_posix.cc +20 -29
- data/src/core/lib/iomgr/ev_posix.cc +59 -50
- data/src/core/lib/iomgr/ev_posix.h +1 -7
- data/src/core/lib/iomgr/event_engine_shims/closure.cc +10 -14
- data/src/core/lib/iomgr/event_engine_shims/closure.h +1 -2
- data/src/core/lib/iomgr/event_engine_shims/endpoint.cc +14 -18
- data/src/core/lib/iomgr/event_engine_shims/endpoint.h +2 -2
- data/src/core/lib/iomgr/event_engine_shims/tcp_client.cc +2 -4
- data/src/core/lib/iomgr/exec_ctx.cc +11 -21
- data/src/core/lib/iomgr/exec_ctx.h +22 -145
- data/src/core/lib/iomgr/executor.cc +49 -52
- data/src/core/lib/iomgr/executor.h +1 -1
- data/src/core/lib/iomgr/fork_posix.cc +5 -7
- data/src/core/lib/iomgr/fork_windows.cc +2 -3
- data/src/core/lib/iomgr/internal_errqueue.cc +2 -4
- data/src/core/lib/iomgr/iocp_windows.cc +4 -7
- data/src/core/lib/iomgr/iomgr.cc +7 -9
- data/src/core/lib/iomgr/iomgr.h +1 -2
- data/src/core/lib/iomgr/iomgr_internal.cc +1 -2
- data/src/core/lib/iomgr/iomgr_internal.h +1 -2
- data/src/core/lib/iomgr/iomgr_posix.cc +2 -1
- data/src/core/lib/iomgr/iomgr_windows.cc +4 -5
- data/src/core/lib/iomgr/lockfree_event.cc +10 -15
- data/src/core/lib/iomgr/nameser.h +1 -1
- data/src/core/lib/iomgr/polling_entity.cc +13 -7
- data/src/core/lib/iomgr/pollset_set_windows.cc +1 -2
- data/src/core/lib/iomgr/pollset_windows.cc +2 -4
- data/src/core/lib/iomgr/port.h +2 -2
- data/src/core/lib/iomgr/resolve_address.cc +3 -5
- data/src/core/lib/iomgr/resolve_address.h +4 -6
- data/src/core/lib/iomgr/resolve_address_impl.h +1 -2
- data/src/core/lib/iomgr/resolve_address_posix.cc +6 -10
- data/src/core/lib/iomgr/resolve_address_posix.h +2 -2
- data/src/core/lib/iomgr/resolve_address_windows.cc +8 -13
- data/src/core/lib/iomgr/resolve_address_windows.h +2 -2
- data/src/core/lib/iomgr/resolved_address.h +1 -2
- data/src/core/lib/iomgr/sockaddr_utils_posix.cc +3 -6
- data/src/core/lib/iomgr/socket_mutator.cc +1 -2
- data/src/core/lib/iomgr/socket_mutator.h +1 -2
- data/src/core/lib/iomgr/socket_utils.h +1 -2
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +5 -7
- data/src/core/lib/iomgr/socket_utils_linux.cc +1 -3
- data/src/core/lib/iomgr/socket_utils_posix.cc +6 -8
- data/src/core/lib/iomgr/socket_utils_windows.cc +1 -3
- data/src/core/lib/iomgr/socket_windows.cc +3 -5
- data/src/core/lib/iomgr/socket_windows.h +1 -2
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +12 -19
- data/src/core/lib/iomgr/tcp_client_posix.cc +13 -19
- data/src/core/lib/iomgr/tcp_client_windows.cc +6 -9
- data/src/core/lib/iomgr/tcp_posix.cc +49 -87
- data/src/core/lib/iomgr/tcp_posix.h +1 -1
- data/src/core/lib/iomgr/tcp_server.h +2 -2
- data/src/core/lib/iomgr/tcp_server_posix.cc +17 -25
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +2 -3
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +3 -5
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +4 -6
- data/src/core/lib/iomgr/tcp_server_windows.cc +11 -14
- data/src/core/lib/iomgr/tcp_windows.cc +8 -18
- data/src/core/lib/iomgr/timer.h +2 -2
- data/src/core/lib/iomgr/timer_generic.cc +55 -76
- data/src/core/lib/iomgr/timer_heap.cc +2 -3
- data/src/core/lib/iomgr/timer_manager.cc +9 -20
- data/src/core/lib/iomgr/timer_manager.h +1 -2
- data/src/core/lib/iomgr/unix_sockets_posix.cc +3 -5
- data/src/core/lib/iomgr/unix_sockets_posix.h +3 -4
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +0 -4
- data/src/core/lib/iomgr/vsock.cc +2 -5
- data/src/core/lib/iomgr/vsock.h +3 -4
- data/src/core/lib/iomgr/wakeup_fd_eventfd.cc +2 -4
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +3 -4
- data/src/core/lib/promise/activity.cc +4 -4
- data/src/core/lib/promise/activity.h +43 -25
- data/src/core/lib/promise/all_ok.h +40 -4
- data/src/core/lib/promise/arena_promise.h +2 -4
- data/src/core/lib/promise/cancel_callback.h +4 -4
- data/src/core/lib/promise/context.h +7 -9
- data/src/core/lib/promise/detail/basic_seq.h +33 -19
- data/src/core/lib/promise/detail/join_state.h +64 -117
- data/src/core/lib/promise/detail/promise_factory.h +92 -33
- data/src/core/lib/promise/detail/promise_like.h +34 -15
- data/src/core/lib/promise/detail/seq_state.h +1206 -1676
- data/src/core/lib/promise/detail/status.h +5 -5
- data/src/core/lib/promise/exec_ctx_wakeup_scheduler.h +2 -3
- data/src/core/lib/promise/for_each.h +31 -30
- data/src/core/lib/promise/if.h +56 -28
- data/src/core/lib/promise/interceptor_list.h +29 -41
- data/src/core/lib/promise/latch.h +31 -33
- data/src/core/lib/promise/loop.h +70 -22
- data/src/core/lib/promise/map.h +167 -21
- data/src/core/lib/promise/observable.h +3 -4
- data/src/core/lib/promise/party.cc +295 -136
- data/src/core/lib/promise/party.h +376 -362
- data/src/core/lib/promise/pipe.h +18 -21
- data/src/core/lib/promise/poll.h +27 -13
- data/src/core/lib/promise/prioritized_race.h +17 -23
- data/src/core/lib/promise/promise.h +7 -9
- data/src/core/lib/promise/race.h +6 -14
- data/src/core/lib/promise/seq.h +58 -45
- data/src/core/lib/promise/sleep.cc +6 -6
- data/src/core/lib/promise/sleep.h +19 -6
- data/src/core/lib/promise/status_flag.h +28 -7
- data/src/core/lib/promise/try_join.h +124 -10
- data/src/core/lib/promise/try_seq.h +84 -59
- data/src/core/lib/resource_quota/api.cc +4 -6
- data/src/core/lib/resource_quota/api.h +2 -3
- data/src/core/lib/resource_quota/arena.cc +3 -4
- data/src/core/lib/resource_quota/arena.h +91 -5
- data/src/core/lib/resource_quota/connection_quota.cc +2 -3
- data/src/core/lib/resource_quota/connection_quota.h +9 -6
- data/src/core/lib/resource_quota/memory_quota.cc +84 -79
- data/src/core/lib/resource_quota/memory_quota.h +27 -21
- data/src/core/lib/resource_quota/periodic_update.cc +6 -7
- data/src/core/lib/resource_quota/periodic_update.h +2 -4
- data/src/core/lib/resource_quota/resource_quota.h +7 -8
- data/src/core/lib/resource_quota/thread_quota.cc +2 -3
- data/src/core/lib/resource_quota/thread_quota.h +5 -6
- data/src/core/lib/security/authorization/audit_logging.cc +5 -7
- data/src/core/lib/security/authorization/audit_logging.h +5 -6
- data/src/core/lib/security/authorization/authorization_engine.h +3 -3
- data/src/core/lib/security/authorization/authorization_policy_provider.h +3 -4
- data/src/core/lib/security/authorization/authorization_policy_provider_vtable.cc +1 -1
- data/src/core/lib/security/authorization/evaluate_args.cc +7 -9
- data/src/core/lib/security/authorization/evaluate_args.h +6 -7
- data/src/core/lib/security/authorization/grpc_authorization_engine.cc +2 -4
- data/src/core/lib/security/authorization/grpc_authorization_engine.h +2 -3
- data/src/core/lib/security/authorization/grpc_server_authz_filter.cc +19 -29
- data/src/core/lib/security/authorization/grpc_server_authz_filter.h +8 -9
- data/src/core/lib/security/authorization/matchers.cc +2 -4
- data/src/core/lib/security/authorization/matchers.h +5 -7
- data/src/core/lib/security/authorization/rbac_policy.cc +3 -3
- data/src/core/lib/security/authorization/rbac_policy.h +6 -8
- data/src/core/lib/security/authorization/stdout_logger.cc +4 -5
- data/src/core/lib/security/authorization/stdout_logger.h +4 -4
- data/src/core/lib/security/certificate_provider/certificate_provider_factory.h +6 -7
- data/src/core/lib/security/certificate_provider/certificate_provider_registry.cc +2 -2
- data/src/core/lib/security/certificate_provider/certificate_provider_registry.h +2 -3
- data/src/core/lib/security/context/security_context.cc +6 -8
- data/src/core/lib/security/context/security_context.h +16 -10
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +5 -5
- data/src/core/lib/security/credentials/alts/alts_credentials.h +8 -4
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +2 -4
- data/src/core/lib/security/credentials/alts/check_gcp_environment_linux.cc +1 -2
- data/src/core/lib/security/credentials/alts/check_gcp_environment_no_op.cc +1 -2
- data/src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc +3 -5
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc +1 -2
- data/src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc +2 -2
- data/src/core/lib/security/credentials/call_creds_util.cc +6 -6
- data/src/core/lib/security/credentials/call_creds_util.h +2 -2
- data/src/core/lib/security/credentials/channel_creds_registry.h +5 -6
- data/src/core/lib/security/credentials/channel_creds_registry_init.cc +10 -11
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +3 -5
- data/src/core/lib/security/credentials/composite/composite_credentials.h +10 -9
- data/src/core/lib/security/credentials/credentials.cc +1 -4
- data/src/core/lib/security/credentials/credentials.h +12 -14
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +331 -336
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +58 -46
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +4 -5
- data/src/core/lib/security/credentials/external/aws_request_signer.h +3 -3
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +399 -364
- data/src/core/lib/security/credentials/external/external_account_credentials.h +125 -57
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +87 -50
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +32 -11
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +98 -125
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +21 -23
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +2 -4
- data/src/core/lib/security/credentials/fake/fake_credentials.h +8 -7
- data/src/core/lib/security/credentials/gcp_service_account_identity/gcp_service_account_identity_credentials.cc +195 -0
- data/src/core/lib/security/credentials/gcp_service_account_identity/gcp_service_account_identity_credentials.h +90 -0
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +4 -5
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +47 -64
- data/src/core/lib/security/credentials/google_default/google_default_credentials.h +7 -5
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +3 -6
- data/src/core/lib/security/credentials/iam/iam_credentials.h +8 -7
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +2 -2
- data/src/core/lib/security/credentials/insecure/insecure_credentials.h +2 -2
- data/src/core/lib/security/credentials/jwt/json_token.cc +11 -14
- data/src/core/lib/security/credentials/jwt/json_token.h +1 -2
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +9 -12
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +11 -11
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +19 -23
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +2 -3
- data/src/core/lib/security/credentials/local/local_credentials.cc +2 -2
- data/src/core/lib/security/credentials/local/local_credentials.h +2 -2
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +178 -276
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +47 -70
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +15 -21
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +11 -11
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +6 -8
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +4 -7
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +15 -17
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +18 -19
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_match.cc +1 -3
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +99 -21
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +16 -15
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.cc +4 -7
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_verifier.h +8 -10
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +4 -5
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +1 -1
- data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.cc +3 -6
- data/src/core/lib/security/credentials/tls/grpc_tls_crl_provider.h +9 -12
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +8 -9
- data/src/core/lib/security/credentials/tls/tls_credentials.h +5 -3
- data/src/core/lib/security/credentials/tls/tls_utils.cc +1 -2
- data/src/core/lib/security/credentials/tls/tls_utils.h +3 -3
- data/src/core/lib/security/credentials/token_fetcher/token_fetcher_credentials.cc +304 -0
- data/src/core/lib/security/credentials/token_fetcher/token_fetcher_credentials.h +181 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +3 -4
- data/src/core/lib/security/credentials/xds/xds_credentials.h +7 -9
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +10 -12
- data/src/core/lib/security/security_connector/alts/alts_security_connector.h +1 -1
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +12 -15
- data/src/core/lib/security/security_connector/fake/fake_security_connector.h +1 -1
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +4 -7
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +5 -6
- data/src/core/lib/security/security_connector/load_system_roots_supported.cc +5 -7
- data/src/core/lib/security/security_connector/load_system_roots_windows.cc +3 -5
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +18 -14
- data/src/core/lib/security/security_connector/local/local_security_connector.h +1 -1
- data/src/core/lib/security/security_connector/security_connector.cc +2 -4
- data/src/core/lib/security/security_connector/security_connector.h +7 -8
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +6 -8
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +2 -3
- data/src/core/lib/security/security_connector/ssl_utils.cc +12 -14
- data/src/core/lib/security/security_connector/ssl_utils.h +7 -9
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +17 -19
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +20 -21
- data/src/core/lib/security/transport/auth_filters.h +97 -10
- data/src/core/lib/security/transport/client_auth_filter.cc +104 -16
- data/src/core/lib/security/transport/server_auth_filter.cc +14 -25
- data/src/core/lib/security/util/json_util.cc +4 -5
- data/src/core/lib/slice/percent_encoding.cc +2 -5
- data/src/core/lib/slice/slice.cc +4 -7
- data/src/core/lib/slice/slice.h +5 -8
- data/src/core/lib/slice/slice_buffer.cc +7 -9
- data/src/core/lib/slice/slice_buffer.h +5 -6
- data/src/core/lib/slice/slice_internal.h +3 -6
- data/src/core/lib/slice/slice_refcount.h +8 -11
- data/src/core/lib/slice/slice_string_helpers.h +1 -2
- data/src/core/lib/surface/byte_buffer.cc +1 -2
- data/src/core/lib/surface/byte_buffer_reader.cc +3 -6
- data/src/core/lib/surface/call.cc +25 -33
- data/src/core/lib/surface/call.h +10 -11
- data/src/core/lib/surface/call_log_batch.cc +3 -5
- data/src/core/lib/surface/call_test_only.h +1 -2
- data/src/core/lib/surface/call_utils.cc +18 -61
- data/src/core/lib/surface/call_utils.h +67 -24
- data/src/core/lib/surface/channel.cc +7 -17
- data/src/core/lib/surface/channel.h +14 -15
- data/src/core/lib/surface/channel_create.cc +2 -4
- data/src/core/lib/surface/channel_create.h +2 -3
- data/src/core/lib/surface/channel_init.cc +5 -7
- data/src/core/lib/surface/channel_init.h +4 -7
- data/src/core/lib/surface/client_call.cc +122 -96
- data/src/core/lib/surface/client_call.h +34 -22
- data/src/core/lib/surface/completion_queue.cc +32 -49
- data/src/core/lib/surface/completion_queue.h +4 -5
- data/src/core/lib/surface/completion_queue_factory.cc +1 -3
- data/src/core/lib/surface/connection_context.cc +77 -0
- data/src/core/lib/surface/connection_context.h +156 -0
- data/src/core/lib/surface/event_string.cc +9 -3
- data/src/core/lib/surface/event_string.h +2 -2
- data/src/core/lib/surface/filter_stack_call.cc +29 -33
- data/src/core/lib/surface/filter_stack_call.h +17 -20
- data/src/core/lib/surface/init.cc +44 -18
- data/src/core/lib/surface/init.h +5 -0
- data/src/core/lib/surface/init_internally.h +13 -2
- data/src/core/lib/surface/lame_client.cc +10 -12
- data/src/core/lib/surface/lame_client.h +4 -5
- data/src/core/lib/surface/legacy_channel.cc +20 -19
- data/src/core/lib/surface/legacy_channel.h +7 -8
- data/src/core/lib/surface/metadata_array.cc +1 -2
- data/src/core/lib/surface/server_call.cc +128 -93
- data/src/core/lib/surface/server_call.h +21 -21
- data/src/core/lib/surface/validate_metadata.cc +3 -4
- data/src/core/lib/surface/validate_metadata.h +2 -5
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/bdp_estimator.cc +11 -15
- data/src/core/lib/transport/bdp_estimator.h +9 -13
- data/src/core/lib/transport/call_arena_allocator.cc +4 -18
- data/src/core/lib/transport/call_arena_allocator.h +22 -8
- data/src/core/lib/transport/call_destination.h +1 -1
- data/src/core/lib/transport/call_filters.cc +21 -130
- data/src/core/lib/transport/call_filters.h +510 -94
- data/src/core/lib/transport/call_final_info.cc +2 -2
- data/src/core/lib/transport/call_final_info.h +3 -3
- data/src/core/lib/transport/call_spine.cc +13 -55
- data/src/core/lib/transport/call_spine.h +220 -25
- data/src/core/lib/transport/call_state.h +283 -86
- data/src/core/lib/transport/connectivity_state.cc +43 -53
- data/src/core/lib/transport/connectivity_state.h +7 -10
- data/src/core/lib/transport/error_utils.cc +3 -4
- data/src/core/lib/transport/error_utils.h +4 -5
- data/src/core/lib/transport/http2_errors.h +5 -3
- data/src/core/lib/transport/interception_chain.cc +11 -3
- data/src/core/lib/transport/interception_chain.h +53 -15
- data/src/core/lib/transport/message.cc +2 -2
- data/src/core/lib/transport/message.h +5 -0
- data/src/core/lib/transport/metadata.h +88 -0
- data/src/core/lib/transport/metadata_batch.cc +14 -7
- data/src/core/lib/transport/metadata_batch.h +137 -30
- data/src/core/lib/transport/metadata_compression_traits.h +3 -4
- data/src/core/lib/transport/parsed_metadata.h +3 -5
- data/src/core/lib/transport/simple_slice_based_metadata.h +1 -2
- data/src/core/lib/transport/status_conversion.h +1 -1
- data/src/core/lib/transport/timeout_encoding.cc +22 -23
- data/src/core/lib/transport/timeout_encoding.h +4 -5
- data/src/core/lib/transport/transport.cc +4 -7
- data/src/core/lib/transport/transport.h +25 -24
- data/src/core/lib/transport/transport_framing_endpoint_extension.h +47 -0
- data/src/core/lib/transport/transport_op_string.cc +4 -6
- data/src/core/load_balancing/address_filtering.cc +2 -4
- data/src/core/load_balancing/address_filtering.h +4 -5
- data/src/core/load_balancing/backend_metric_data.h +2 -2
- data/src/core/load_balancing/backend_metric_parser.cc +22 -30
- data/src/core/load_balancing/backend_metric_parser.h +1 -3
- data/src/core/load_balancing/child_policy_handler.cc +5 -6
- data/src/core/load_balancing/child_policy_handler.h +4 -5
- data/src/core/load_balancing/delegating_helper.h +6 -7
- data/src/core/load_balancing/endpoint_list.cc +18 -10
- data/src/core/load_balancing/endpoint_list.h +26 -21
- data/src/core/load_balancing/grpclb/client_load_reporting_filter.cc +11 -10
- data/src/core/load_balancing/grpclb/client_load_reporting_filter.h +5 -6
- data/src/core/load_balancing/grpclb/grpclb.cc +96 -131
- data/src/core/load_balancing/grpclb/grpclb_balancer_addresses.cc +1 -2
- data/src/core/load_balancing/grpclb/grpclb_client_stats.cc +2 -3
- data/src/core/load_balancing/grpclb/grpclb_client_stats.h +5 -7
- data/src/core/load_balancing/grpclb/load_balancer_api.cc +4 -6
- data/src/core/load_balancing/grpclb/load_balancer_api.h +4 -6
- data/src/core/load_balancing/health_check_client.cc +67 -110
- data/src/core/load_balancing/health_check_client.h +3 -3
- data/src/core/load_balancing/health_check_client_internal.h +15 -16
- data/src/core/load_balancing/lb_policy.cc +4 -6
- data/src/core/load_balancing/lb_policy.h +17 -27
- data/src/core/load_balancing/lb_policy_factory.h +4 -5
- data/src/core/load_balancing/lb_policy_registry.cc +13 -12
- data/src/core/load_balancing/lb_policy_registry.h +4 -5
- data/src/core/load_balancing/oob_backend_metric.cc +16 -20
- data/src/core/load_balancing/oob_backend_metric.h +3 -3
- data/src/core/load_balancing/oob_backend_metric_internal.h +8 -9
- data/src/core/load_balancing/outlier_detection/outlier_detection.cc +176 -212
- data/src/core/load_balancing/outlier_detection/outlier_detection.h +6 -7
- data/src/core/load_balancing/pick_first/pick_first.cc +297 -321
- data/src/core/load_balancing/priority/priority.cc +97 -133
- data/src/core/load_balancing/ring_hash/ring_hash.cc +247 -211
- data/src/core/load_balancing/ring_hash/ring_hash.h +7 -15
- data/src/core/load_balancing/rls/rls.cc +268 -404
- data/src/core/load_balancing/rls/rls.h +97 -1
- data/src/core/load_balancing/round_robin/round_robin.cc +59 -89
- data/src/core/load_balancing/subchannel_interface.h +13 -6
- data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.cc +8 -9
- data/src/core/load_balancing/weighted_round_robin/static_stride_scheduler.h +4 -5
- data/src/core/load_balancing/weighted_round_robin/weighted_round_robin.cc +120 -158
- data/src/core/load_balancing/weighted_target/weighted_target.cc +70 -103
- data/src/core/load_balancing/xds/cds.cc +60 -78
- data/src/core/load_balancing/xds/xds_cluster_impl.cc +114 -117
- data/src/core/load_balancing/xds/xds_cluster_manager.cc +56 -80
- data/src/core/load_balancing/xds/xds_override_host.cc +152 -237
- data/src/core/load_balancing/xds/xds_override_host.h +3 -4
- data/src/core/load_balancing/xds/xds_wrr_locality.cc +36 -47
- data/src/core/plugin_registry/grpc_plugin_registry.cc +1 -7
- data/src/core/plugin_registry/grpc_plugin_registry_extra.cc +6 -1
- data/src/core/resolver/dns/c_ares/dns_resolver_ares.cc +86 -71
- data/src/core/resolver/dns/c_ares/dns_resolver_ares.h +2 -3
- data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver.h +4 -6
- data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +2 -6
- data/src/core/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +118 -100
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.cc +147 -115
- data/src/core/resolver/dns/c_ares/grpc_ares_wrapper.h +3 -13
- data/src/core/resolver/dns/dns_resolver_plugin.cc +4 -6
- data/src/core/resolver/dns/dns_resolver_plugin.h +1 -1
- data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.cc +59 -65
- data/src/core/resolver/dns/event_engine/event_engine_client_channel_resolver.h +3 -4
- data/src/core/resolver/dns/event_engine/service_config_helper.cc +3 -5
- data/src/core/resolver/dns/event_engine/service_config_helper.h +2 -2
- data/src/core/resolver/dns/native/dns_resolver.cc +19 -26
- data/src/core/resolver/dns/native/dns_resolver.h +1 -1
- data/src/core/resolver/endpoint_addresses.cc +1 -4
- data/src/core/resolver/endpoint_addresses.h +2 -3
- data/src/core/resolver/fake/fake_resolver.cc +17 -20
- data/src/core/resolver/fake/fake_resolver.h +9 -10
- data/src/core/resolver/google_c2p/google_c2p_resolver.cc +20 -24
- data/src/core/resolver/polling_resolver.cc +14 -28
- data/src/core/resolver/polling_resolver.h +11 -12
- data/src/core/resolver/resolver.h +4 -5
- data/src/core/resolver/resolver_factory.h +4 -5
- data/src/core/resolver/resolver_registry.cc +6 -5
- data/src/core/resolver/resolver_registry.h +4 -5
- data/src/core/resolver/sockaddr/sockaddr_resolver.cc +5 -6
- data/src/core/resolver/xds/xds_config.cc +95 -0
- data/src/core/resolver/xds/xds_config.h +108 -0
- data/src/core/resolver/xds/xds_dependency_manager.cc +242 -333
- data/src/core/resolver/xds/xds_dependency_manager.h +30 -89
- data/src/core/resolver/xds/xds_resolver.cc +139 -186
- data/src/core/resolver/xds/xds_resolver_attributes.h +2 -3
- data/src/core/server/server.cc +372 -91
- data/src/core/server/server.h +227 -81
- data/src/core/server/server_call_tracer_filter.cc +14 -11
- data/src/core/server/server_call_tracer_filter.h +1 -1
- data/src/core/server/server_config_selector.h +5 -6
- data/src/core/server/server_config_selector_filter.cc +16 -22
- data/src/core/server/xds_channel_stack_modifier.cc +3 -3
- data/src/core/server/xds_channel_stack_modifier.h +5 -6
- data/src/core/server/xds_server_config_fetcher.cc +118 -187
- data/src/core/service_config/service_config.h +3 -5
- data/src/core/service_config/service_config_call_data.h +7 -9
- data/src/core/service_config/service_config_channel_arg_filter.cc +15 -26
- data/src/core/service_config/service_config_impl.cc +7 -9
- data/src/core/service_config/service_config_impl.h +4 -7
- data/src/core/service_config/service_config_parser.cc +1 -2
- data/src/core/service_config/service_config_parser.h +2 -4
- data/src/core/telemetry/call_tracer.cc +10 -12
- data/src/core/telemetry/call_tracer.h +11 -11
- data/src/core/telemetry/histogram_view.cc +3 -3
- data/src/core/telemetry/histogram_view.h +1 -2
- data/src/core/telemetry/metrics.cc +21 -19
- data/src/core/telemetry/metrics.h +15 -19
- data/src/core/telemetry/stats.cc +1 -2
- data/src/core/telemetry/stats.h +2 -4
- data/src/core/telemetry/stats_data.cc +181 -2
- data/src/core/telemetry/stats_data.h +130 -4
- data/src/core/telemetry/tcp_tracer.h +33 -34
- data/src/core/tsi/alts/crypt/aes_gcm.cc +5 -8
- data/src/core/tsi/alts/crypt/gsec.cc +2 -3
- data/src/core/tsi/alts/crypt/gsec.h +3 -4
- data/src/core/tsi/alts/frame_protector/alts_counter.cc +1 -2
- data/src/core/tsi/alts/frame_protector/alts_counter.h +3 -4
- data/src/core/tsi/alts/frame_protector/alts_crypter.cc +1 -2
- data/src/core/tsi/alts/frame_protector/alts_crypter.h +2 -3
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.cc +4 -5
- data/src/core/tsi/alts/frame_protector/alts_frame_protector.h +1 -2
- data/src/core/tsi/alts/frame_protector/alts_seal_privacy_integrity_crypter.cc +1 -1
- data/src/core/tsi/alts/frame_protector/alts_unseal_privacy_integrity_crypter.cc +1 -1
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +4 -6
- data/src/core/tsi/alts/frame_protector/frame_handler.h +1 -2
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +14 -15
- data/src/core/tsi/alts/handshaker/alts_shared_resource.cc +2 -4
- data/src/core/tsi/alts/handshaker/alts_shared_resource.h +1 -1
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +33 -31
- data/src/core/tsi/alts/handshaker/alts_tsi_utils.cc +2 -3
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +2 -2
- data/src/core/tsi/alts/handshaker/transport_security_common_api.h +3 -4
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.cc +3 -5
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_integrity_only_record_protocol.h +1 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.cc +2 -3
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_privacy_integrity_record_protocol.h +1 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.cc +3 -5
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +3 -5
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.h +1 -2
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +3 -5
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.h +1 -2
- data/src/core/tsi/fake_transport_security.cc +14 -11
- data/src/core/tsi/local_transport_security.cc +4 -6
- data/src/core/tsi/ssl/key_logging/ssl_key_logging.cc +4 -5
- data/src/core/tsi/ssl/key_logging/ssl_key_logging.h +8 -10
- data/src/core/tsi/ssl/session_cache/ssl_session.h +4 -5
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +4 -6
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +7 -8
- data/src/core/tsi/ssl/session_cache/ssl_session_openssl.cc +2 -4
- data/src/core/tsi/ssl_transport_security.cc +29 -17
- data/src/core/tsi/ssl_transport_security.h +6 -8
- data/src/core/tsi/ssl_transport_security_utils.cc +1 -3
- data/src/core/tsi/ssl_transport_security_utils.h +3 -5
- data/src/core/tsi/ssl_types.h +1 -2
- data/src/core/tsi/transport_security.cc +2 -3
- data/src/core/tsi/transport_security.h +1 -2
- data/src/core/tsi/transport_security_interface.h +3 -4
- data/src/core/util/alloc.cc +2 -6
- data/src/core/util/atomic_utils.h +47 -0
- data/src/core/util/avl.h +324 -0
- data/src/core/util/backoff.cc +57 -0
- data/src/core/util/backoff.h +86 -0
- data/src/core/util/bitset.h +224 -0
- data/src/core/util/chunked_vector.h +256 -0
- data/src/core/util/construct_destruct.h +41 -0
- data/src/core/util/cpp_impl_of.h +49 -0
- data/src/core/util/crash.cc +40 -0
- data/src/core/util/crash.h +36 -0
- data/src/core/util/debug_location.h +106 -0
- data/src/core/util/directory_reader.h +48 -0
- data/src/core/util/down_cast.h +48 -0
- data/src/core/util/dual_ref_counted.h +376 -0
- data/src/core/util/dump_args.cc +54 -0
- data/src/core/util/dump_args.h +114 -0
- data/src/core/util/env.h +52 -0
- data/src/core/util/event_log.cc +87 -0
- data/src/core/util/event_log.h +79 -0
- data/src/core/util/examine_stack.cc +43 -0
- data/src/core/util/examine_stack.h +44 -0
- data/src/core/util/fork.cc +241 -0
- data/src/core/util/fork.h +98 -0
- data/src/core/util/gcp_metadata_query.cc +8 -12
- data/src/core/util/gcp_metadata_query.h +2 -3
- data/src/core/util/gethostname.h +26 -0
- data/src/core/util/gethostname_fallback.cc +30 -0
- data/src/core/util/gethostname_host_name_max.cc +39 -0
- data/src/core/util/gethostname_sysconf.cc +39 -0
- data/src/core/util/glob.h +29 -0
- data/src/core/util/gpr_time.cc +266 -0
- data/src/core/util/grpc_if_nametoindex.h +29 -0
- data/src/core/util/grpc_if_nametoindex_posix.cc +41 -0
- data/src/core/util/grpc_if_nametoindex_unsupported.cc +36 -0
- data/src/core/util/host_port.cc +114 -0
- data/src/core/util/host_port.h +57 -0
- data/src/core/util/http_client/format_request.cc +2 -5
- data/src/core/util/http_client/format_request.h +1 -2
- data/src/core/util/http_client/httpcli.cc +95 -47
- data/src/core/util/http_client/httpcli.h +40 -28
- data/src/core/util/http_client/httpcli_security_connector.cc +11 -14
- data/src/core/util/http_client/httpcli_ssl_credentials.h +2 -3
- data/src/core/util/http_client/parser.cc +5 -8
- data/src/core/util/http_client/parser.h +1 -3
- data/src/core/util/if_list.h +4530 -0
- data/src/core/util/iphone/cpu.cc +1 -2
- data/src/core/util/json/json.h +1 -2
- data/src/core/util/json/json_channel_args.h +2 -2
- data/src/core/util/json/json_object_loader.cc +7 -8
- data/src/core/util/json/json_object_loader.h +20 -21
- data/src/core/util/json/json_reader.cc +6 -10
- data/src/core/util/json/json_reader.h +0 -1
- data/src/core/util/json/json_util.cc +4 -4
- data/src/core/util/json/json_util.h +1 -2
- data/src/core/util/json/json_writer.cc +4 -6
- data/src/core/util/latent_see.cc +112 -62
- data/src/core/util/latent_see.h +157 -37
- data/src/core/util/linux/cpu.cc +4 -6
- data/src/core/util/linux/env.cc +61 -0
- data/src/core/util/load_file.cc +75 -0
- data/src/core/util/load_file.h +33 -0
- data/src/core/util/log.cc +46 -68
- data/src/core/util/lru_cache.h +122 -0
- data/src/core/util/manual_constructor.h +145 -0
- data/src/core/util/match.h +74 -0
- data/src/core/util/matchers.cc +336 -0
- data/src/core/util/matchers.h +162 -0
- data/src/core/util/memory.h +52 -0
- data/src/core/util/mpscq.cc +108 -0
- data/src/core/util/mpscq.h +98 -0
- data/src/core/util/msys/tmpfile.cc +3 -5
- data/src/core/util/no_destruct.h +95 -0
- data/src/core/util/notification.h +66 -0
- data/src/core/util/orphanable.h +153 -0
- data/src/core/util/overload.h +59 -0
- data/src/core/util/packed_table.h +40 -0
- data/src/core/util/per_cpu.cc +34 -0
- data/src/core/util/per_cpu.h +102 -0
- data/src/core/util/posix/cpu.cc +3 -5
- data/src/core/util/posix/directory_reader.cc +82 -0
- data/src/core/util/posix/env.cc +47 -0
- data/src/core/util/posix/stat.cc +54 -0
- data/src/core/util/posix/string.cc +2 -3
- data/src/core/util/posix/sync.cc +2 -6
- data/src/core/util/posix/thd.cc +243 -0
- data/src/core/util/posix/time.cc +3 -6
- data/src/core/util/posix/tmpfile.cc +4 -6
- data/src/core/util/random_early_detection.cc +33 -0
- data/src/core/util/random_early_detection.h +61 -0
- data/src/core/util/ref_counted.h +403 -0
- data/src/core/util/ref_counted_ptr.h +443 -0
- data/src/core/util/ref_counted_string.cc +42 -0
- data/src/core/util/ref_counted_string.h +159 -0
- data/src/core/util/ring_buffer.h +122 -0
- data/src/core/util/single_set_ptr.h +89 -0
- data/src/core/util/sorted_pack.h +89 -0
- data/src/core/util/spinlock.h +2 -4
- data/src/core/util/stat.h +35 -0
- data/src/core/util/status_helper.cc +427 -0
- data/src/core/util/status_helper.h +160 -0
- data/src/core/util/strerror.cc +40 -0
- data/src/core/util/strerror.h +29 -0
- data/src/core/util/string.cc +13 -16
- data/src/core/util/string.h +1 -3
- data/src/core/util/sync.cc +3 -6
- data/src/core/util/sync.h +199 -0
- data/src/core/util/sync_abseil.cc +4 -8
- data/src/core/util/table.h +471 -0
- data/src/core/util/tchar.cc +49 -0
- data/src/core/util/tchar.h +33 -0
- data/src/core/util/thd.h +193 -0
- data/src/core/util/time.cc +174 -205
- data/src/core/util/time.h +385 -0
- data/src/core/util/time_averaged_stats.cc +60 -0
- data/src/core/util/time_averaged_stats.h +79 -0
- data/src/core/util/time_precise.cc +2 -4
- data/src/core/util/time_precise.h +0 -1
- data/src/core/util/time_util.cc +80 -0
- data/src/core/util/time_util.h +41 -0
- data/src/core/util/tmpfile.h +0 -1
- data/src/core/util/type_list.h +88 -0
- data/src/core/util/unique_ptr_with_bitset.h +86 -0
- data/src/core/util/unique_type_name.h +123 -0
- data/src/core/util/uri.cc +378 -0
- data/src/core/util/uri.h +112 -0
- data/src/core/util/useful.h +13 -39
- data/src/core/util/uuid_v4.cc +37 -0
- data/src/core/util/uuid_v4.h +35 -0
- data/src/core/util/validation_errors.cc +73 -0
- data/src/core/util/validation_errors.h +144 -0
- data/src/core/util/wait_for_single_owner.h +62 -0
- data/src/core/util/windows/cpu.cc +1 -2
- data/src/core/util/windows/directory_reader.cc +79 -0
- data/src/core/util/windows/env.cc +56 -0
- data/src/core/util/windows/stat.cc +50 -0
- data/src/core/util/windows/string.cc +2 -3
- data/src/core/util/windows/string_util.cc +5 -7
- data/src/core/util/windows/sync.cc +1 -4
- data/src/core/util/windows/thd.cc +182 -0
- data/src/core/util/windows/time.cc +1 -5
- data/src/core/util/windows/tmpfile.cc +4 -6
- data/src/core/util/work_serializer.cc +298 -0
- data/src/core/util/work_serializer.h +81 -0
- data/src/core/util/xxhash_inline.h +29 -0
- data/src/core/xds/grpc/certificate_provider_store.cc +15 -21
- data/src/core/xds/grpc/certificate_provider_store.h +9 -10
- data/src/core/xds/grpc/file_watcher_certificate_provider_factory.cc +5 -6
- data/src/core/xds/grpc/file_watcher_certificate_provider_factory.h +6 -7
- data/src/core/xds/grpc/xds_audit_logger_registry.cc +5 -6
- data/src/core/xds/grpc/xds_audit_logger_registry.h +3 -4
- data/src/core/xds/grpc/xds_bootstrap_grpc.cc +13 -49
- data/src/core/xds/grpc/xds_bootstrap_grpc.h +6 -11
- data/src/core/xds/grpc/xds_certificate_provider.cc +17 -19
- data/src/core/xds/grpc/xds_certificate_provider.h +8 -9
- data/src/core/xds/grpc/xds_client_grpc.cc +80 -62
- data/src/core/xds/grpc/xds_client_grpc.h +14 -8
- data/src/core/xds/grpc/xds_cluster.cc +11 -12
- data/src/core/xds/grpc/xds_cluster.h +38 -12
- data/src/core/xds/grpc/xds_cluster_parser.cc +188 -146
- data/src/core/xds/grpc/xds_cluster_parser.h +6 -2
- data/src/core/xds/grpc/xds_cluster_specifier_plugin.cc +9 -12
- data/src/core/xds/grpc/xds_cluster_specifier_plugin.h +5 -6
- data/src/core/xds/grpc/xds_common_types.cc +3 -4
- data/src/core/xds/grpc/xds_common_types.h +6 -7
- data/src/core/xds/grpc/xds_common_types_parser.cc +72 -38
- data/src/core/xds/grpc/xds_common_types_parser.h +28 -5
- data/src/core/xds/grpc/xds_endpoint.cc +3 -4
- data/src/core/xds/grpc/xds_endpoint.h +7 -5
- data/src/core/xds/grpc/xds_endpoint_parser.cc +106 -70
- data/src/core/xds/grpc/xds_endpoint_parser.h +1 -2
- data/src/core/xds/grpc/xds_health_status.cc +4 -4
- data/src/core/xds/grpc/xds_health_status.h +4 -4
- data/src/core/xds/grpc/xds_http_fault_filter.cc +38 -33
- data/src/core/xds/grpc/xds_http_fault_filter.h +13 -9
- data/src/core/xds/grpc/xds_http_filter.h +16 -7
- data/src/core/xds/grpc/xds_http_filter_registry.cc +16 -11
- data/src/core/xds/grpc/xds_http_filter_registry.h +13 -7
- data/src/core/xds/grpc/xds_http_gcp_authn_filter.cc +141 -0
- data/src/core/xds/grpc/xds_http_gcp_authn_filter.h +61 -0
- data/src/core/xds/grpc/xds_http_rbac_filter.cc +85 -67
- data/src/core/xds/grpc/xds_http_rbac_filter.h +13 -9
- data/src/core/xds/grpc/xds_http_stateful_session_filter.cc +24 -17
- data/src/core/xds/grpc/xds_http_stateful_session_filter.h +13 -9
- data/src/core/xds/grpc/xds_lb_policy_registry.cc +23 -27
- data/src/core/xds/grpc/xds_lb_policy_registry.h +4 -5
- data/src/core/xds/grpc/xds_listener.cc +5 -8
- data/src/core/xds/grpc/xds_listener.h +11 -12
- data/src/core/xds/grpc/xds_listener_parser.cc +72 -69
- data/src/core/xds/grpc/xds_listener_parser.h +3 -3
- data/src/core/xds/grpc/xds_metadata.cc +62 -0
- data/src/core/xds/grpc/xds_metadata.h +158 -0
- data/src/core/xds/grpc/xds_metadata_parser.cc +197 -0
- data/src/core/xds/grpc/xds_metadata_parser.h +35 -0
- data/src/core/xds/grpc/xds_route_config.cc +12 -18
- data/src/core/xds/grpc/xds_route_config.h +11 -12
- data/src/core/xds/grpc/xds_route_config_parser.cc +135 -144
- data/src/core/xds/grpc/xds_route_config_parser.h +7 -10
- data/src/core/xds/grpc/xds_routing.cc +65 -32
- data/src/core/xds/grpc/xds_routing.h +16 -10
- data/src/core/xds/grpc/xds_server_grpc.cc +23 -3
- data/src/core/xds/grpc/xds_server_grpc.h +7 -4
- data/src/core/xds/grpc/xds_server_grpc_interface.h +33 -0
- data/src/core/xds/grpc/xds_transport_grpc.cc +99 -56
- data/src/core/xds/grpc/xds_transport_grpc.h +33 -22
- data/src/core/xds/xds_client/lrs_client.cc +1280 -0
- data/src/core/xds/xds_client/lrs_client.h +394 -0
- data/src/core/xds/xds_client/xds_api.cc +28 -465
- data/src/core/xds/xds_client/xds_api.h +6 -161
- data/src/core/xds/xds_client/xds_backend_metric_propagation.cc +63 -0
- data/src/core/xds/xds_client/xds_backend_metric_propagation.h +59 -0
- data/src/core/xds/xds_client/xds_bootstrap.cc +12 -3
- data/src/core/xds/xds_client/xds_bootstrap.h +9 -2
- data/src/core/xds/xds_client/xds_client.cc +1109 -1362
- data/src/core/xds/xds_client/xds_client.h +167 -114
- data/src/core/xds/xds_client/xds_locality.h +102 -0
- data/src/core/xds/xds_client/xds_metrics.h +2 -2
- data/src/core/xds/xds_client/xds_resource_type.h +6 -8
- data/src/core/xds/xds_client/xds_resource_type_impl.h +15 -11
- data/src/core/xds/xds_client/xds_transport.h +29 -14
- data/src/ruby/ext/grpc/extconf.rb +2 -1
- data/src/ruby/ext/grpc/rb_byte_buffer.c +3 -3
- data/src/ruby/ext/grpc/rb_call.c +6 -6
- data/src/ruby/ext/grpc/rb_call_credentials.c +39 -33
- data/src/ruby/ext/grpc/rb_channel.c +28 -23
- data/src/ruby/ext/grpc/rb_channel_args.c +3 -3
- data/src/ruby/ext/grpc/rb_channel_credentials.c +5 -6
- data/src/ruby/ext/grpc/rb_channel_credentials.h +1 -2
- data/src/ruby/ext/grpc/rb_completion_queue.c +3 -4
- data/src/ruby/ext/grpc/rb_compression_options.c +6 -7
- data/src/ruby/ext/grpc/rb_event_thread.c +7 -7
- data/src/ruby/ext/grpc/rb_grpc.c +12 -12
- data/src/ruby/ext/grpc/rb_grpc.h +2 -3
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +6 -10
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +9 -15
- data/src/ruby/ext/grpc/rb_server.c +16 -14
- data/src/ruby/ext/grpc/rb_server_credentials.c +3 -3
- data/src/ruby/ext/grpc/rb_server_credentials.h +1 -2
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +5 -6
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +1 -2
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +4 -4
- data/src/ruby/ext/grpc/rb_xds_server_credentials.h +1 -2
- data/src/ruby/lib/grpc/generic/active_call.rb +8 -5
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/spec/call_spec.rb +53 -40
- data/src/ruby/spec/channel_spec.rb +4 -2
- data/src/ruby/spec/client_server_spec.rb +148 -507
- data/src/ruby/spec/generic/active_call_spec.rb +64 -86
- data/src/ruby/spec/generic/client_stub_spec.rb +20 -20
- data/src/ruby/spec/support/services.rb +3 -0
- data/third_party/abseil-cpp/absl/algorithm/container.h +57 -18
- data/third_party/abseil-cpp/absl/base/attributes.h +84 -0
- data/third_party/abseil-cpp/absl/base/config.h +32 -51
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +0 -16
- data/third_party/abseil-cpp/absl/base/internal/nullability_impl.h +3 -1
- data/third_party/abseil-cpp/absl/base/internal/spinlock.h +13 -3
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +0 -12
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock_config.h +4 -4
- data/third_party/abseil-cpp/absl/base/macros.h +48 -0
- data/third_party/abseil-cpp/absl/base/no_destructor.h +35 -40
- data/third_party/abseil-cpp/absl/base/nullability.h +33 -7
- data/third_party/abseil-cpp/absl/base/optimization.h +11 -0
- data/third_party/abseil-cpp/absl/base/options.h +1 -1
- data/third_party/abseil-cpp/absl/base/prefetch.h +1 -1
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +68 -12
- data/third_party/abseil-cpp/absl/container/flat_hash_set.h +60 -6
- data/third_party/abseil-cpp/absl/container/hash_container_defaults.h +45 -0
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +13 -0
- data/third_party/abseil-cpp/absl/container/internal/common_policy_traits.h +20 -11
- data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +15 -16
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +34 -1
- data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +68 -1
- data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +50 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +22 -7
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +26 -8
- data/third_party/abseil-cpp/absl/container/internal/inlined_vector.h +39 -35
- data/third_party/abseil-cpp/absl/container/internal/layout.h +190 -74
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +8 -6
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +334 -71
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +1299 -458
- data/third_party/abseil-cpp/absl/crc/internal/crc32_x86_arm_combined_simd.h +19 -17
- data/third_party/abseil-cpp/absl/crc/internal/crc_cord_state.cc +4 -3
- data/third_party/abseil-cpp/absl/crc/internal/crc_memcpy_fallback.cc +2 -1
- data/third_party/abseil-cpp/absl/crc/internal/crc_memcpy_x86_arm_combined.cc +12 -8
- data/third_party/abseil-cpp/absl/crc/internal/crc_non_temporal_memcpy.cc +1 -1
- data/third_party/abseil-cpp/absl/crc/internal/crc_x86_arm_combined.cc +11 -7
- data/third_party/abseil-cpp/absl/crc/internal/non_temporal_memcpy.h +18 -17
- data/third_party/abseil-cpp/absl/debugging/internal/bounded_utf8_length_sequence.h +126 -0
- data/third_party/abseil-cpp/absl/debugging/internal/decode_rust_punycode.cc +258 -0
- data/third_party/abseil-cpp/absl/debugging/internal/decode_rust_punycode.h +55 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +1057 -86
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.h +3 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle_rust.cc +925 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle_rust.h +42 -0
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.cc +43 -16
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +8 -7
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +10 -7
- data/third_party/abseil-cpp/absl/debugging/internal/utf8_for_code_point.cc +70 -0
- data/third_party/abseil-cpp/absl/debugging/internal/utf8_for_code_point.h +47 -0
- data/third_party/abseil-cpp/absl/flags/commandlineflag.h +11 -0
- data/third_party/abseil-cpp/absl/flags/flag.h +2 -0
- data/third_party/abseil-cpp/absl/flags/internal/flag.cc +117 -30
- data/third_party/abseil-cpp/absl/flags/internal/flag.h +192 -30
- data/third_party/abseil-cpp/absl/flags/reflection.cc +10 -0
- data/third_party/abseil-cpp/absl/functional/any_invocable.h +13 -3
- data/third_party/abseil-cpp/absl/functional/bind_front.h +3 -2
- data/third_party/abseil-cpp/absl/functional/internal/any_invocable.h +7 -7
- data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +9 -9
- data/third_party/abseil-cpp/absl/hash/internal/hash.cc +1 -1
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +13 -3
- data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.cc +60 -28
- data/third_party/abseil-cpp/absl/hash/internal/low_level_hash.h +4 -0
- data/third_party/abseil-cpp/absl/log/absl_vlog_is_on.h +3 -3
- data/third_party/abseil-cpp/absl/log/globals.h +28 -15
- data/third_party/abseil-cpp/absl/log/internal/check_op.cc +20 -0
- data/third_party/abseil-cpp/absl/log/internal/check_op.h +63 -21
- data/third_party/abseil-cpp/absl/log/internal/conditions.h +2 -2
- data/third_party/abseil-cpp/absl/log/internal/log_impl.h +23 -23
- data/third_party/abseil-cpp/absl/log/internal/log_message.cc +104 -47
- data/third_party/abseil-cpp/absl/log/internal/log_message.h +23 -4
- data/third_party/abseil-cpp/absl/log/internal/nullstream.h +1 -10
- data/third_party/abseil-cpp/absl/log/internal/strip.h +36 -0
- data/third_party/abseil-cpp/absl/log/log.h +5 -1
- data/third_party/abseil-cpp/absl/log/log_sink.h +11 -4
- data/third_party/abseil-cpp/absl/log/vlog_is_on.h +3 -3
- data/third_party/abseil-cpp/absl/meta/type_traits.h +138 -42
- data/third_party/abseil-cpp/absl/numeric/int128.cc +0 -3
- data/third_party/abseil-cpp/absl/numeric/int128.h +35 -5
- data/third_party/abseil-cpp/absl/numeric/int128_have_intrinsic.inc +14 -0
- data/third_party/abseil-cpp/absl/numeric/int128_no_intrinsic.inc +18 -0
- data/third_party/abseil-cpp/absl/numeric/internal/bits.h +6 -2
- data/third_party/abseil-cpp/absl/random/beta_distribution.h +8 -8
- data/third_party/abseil-cpp/absl/random/bit_gen_ref.h +9 -7
- data/third_party/abseil-cpp/absl/random/distributions.h +11 -11
- data/third_party/abseil-cpp/absl/random/seed_sequences.h +2 -0
- data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +61 -2
- data/third_party/abseil-cpp/absl/status/status.cc +0 -4
- data/third_party/abseil-cpp/absl/status/status.h +4 -4
- data/third_party/abseil-cpp/absl/status/statusor.h +108 -142
- data/third_party/abseil-cpp/absl/strings/ascii.cc +32 -71
- data/third_party/abseil-cpp/absl/strings/cord.cc +20 -15
- data/third_party/abseil-cpp/absl/strings/cord.h +68 -7
- data/third_party/abseil-cpp/absl/strings/escaping.cc +96 -21
- data/third_party/abseil-cpp/absl/strings/escaping.h +25 -8
- data/third_party/abseil-cpp/absl/strings/has_absl_stringify.h +1 -0
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +10 -0
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +29 -9
- data/third_party/abseil-cpp/absl/strings/internal/cord_rep_btree.h +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/cordz_functions.cc +19 -13
- data/third_party/abseil-cpp/absl/strings/internal/cordz_functions.h +23 -13
- data/third_party/abseil-cpp/absl/strings/internal/cordz_handle.cc +24 -24
- data/third_party/abseil-cpp/absl/strings/internal/cordz_info.cc +12 -7
- data/third_party/abseil-cpp/absl/strings/internal/cordz_info.h +9 -4
- data/third_party/abseil-cpp/absl/strings/internal/escaping.cc +5 -2
- data/third_party/abseil-cpp/absl/strings/internal/str_join_internal.h +23 -2
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +5 -1
- data/third_party/abseil-cpp/absl/strings/numbers.cc +107 -333
- data/third_party/abseil-cpp/absl/strings/numbers.h +12 -151
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +49 -142
- data/third_party/abseil-cpp/absl/strings/str_cat.h +70 -85
- data/third_party/abseil-cpp/absl/strings/str_format.h +1 -1
- data/third_party/abseil-cpp/absl/strings/str_join.h +19 -5
- data/third_party/abseil-cpp/absl/strings/str_split.h +2 -2
- data/third_party/abseil-cpp/absl/strings/string_view.h +3 -2
- data/third_party/abseil-cpp/absl/strings/substitute.cc +4 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +11 -2
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.h +5 -0
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +5 -4
- data/third_party/abseil-cpp/absl/time/civil_time.h +2 -2
- data/third_party/abseil-cpp/absl/time/clock.cc +15 -1
- data/third_party/abseil-cpp/absl/time/duration.cc +58 -53
- data/third_party/abseil-cpp/absl/time/format.cc +2 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +1 -1
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +0 -29
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +3 -3
- data/third_party/abseil-cpp/absl/time/time.h +73 -29
- data/third_party/abseil-cpp/absl/types/compare.h +505 -0
- data/third_party/abseil-cpp/absl/types/internal/optional.h +2 -2
- data/third_party/abseil-cpp/absl/types/internal/variant.h +55 -67
- data/third_party/abseil-cpp/absl/types/optional.h +15 -18
- data/third_party/abseil-cpp/absl/types/span.h +3 -2
- data/third_party/abseil-cpp/absl/types/variant.h +19 -24
- data/third_party/abseil-cpp/absl/utility/utility.h +3 -41
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.cc +243 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.cc +53 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.cc +47 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.cc +42 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.cc +109 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.cc +43 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.cc +424 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.cc +239 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.cc +193 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.cc +32 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.cc +415 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.cc +206 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.cc +224 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.cc +172 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.cc +109 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.cc +355 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.cc +61 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.cc +56 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.cc +63 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.cc +52 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/internal.h +13 -57
- data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.cc +241 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.cc +932 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.cc +669 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.cc +164 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.cc +276 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.cc +84 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.cc +229 -0
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.cc +434 -0
- data/third_party/boringssl-with-bazel/src/crypto/bcm_support.h +119 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.cc +658 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.cc +268 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.cc +511 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/errno.cc +50 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.cc +193 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.cc +292 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/hexdump.cc +152 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/internal.h +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.cc +446 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/printf.cc +59 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.cc +147 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.cc +133 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.cc +169 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn/bn_asn1.cc +57 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn/convert.cc +423 -0
- data/third_party/boringssl-with-bazel/src/crypto/buf/buf.cc +118 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.cc +53 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.cc +266 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.cc +702 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.cc +912 -0
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.cc +156 -0
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.cc +224 -0
- data/third_party/boringssl-with-bazel/src/crypto/chacha/internal.h +18 -18
- data/third_party/boringssl-with-bazel/src/crypto/cipher/derive_key.cc +110 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_aesctrhmac.cc +279 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_aesgcmsiv.cc +845 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_chacha20poly1305.cc +341 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_des.cc +198 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_null.cc +51 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_rc2.cc +417 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_rc4.cc +54 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/e_tls.cc +599 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/get_cipher.cc +85 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/internal.h +240 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher/tls_cbc.cc +476 -0
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.cc +631 -0
- data/third_party/boringssl-with-bazel/src/crypto/conf/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.cc +75 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_fuchsia.cc +55 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_linux.cc +62 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.cc +61 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_sysreg.cc +94 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_win.cc +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.cc +54 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.cc +151 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.cc +287 -0
- data/third_party/boringssl-with-bazel/src/crypto/crypto.cc +183 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.cc +2154 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_64_adx.cc +18 -0
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_tables.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.cc +529 -0
- data/third_party/boringssl-with-bazel/src/crypto/des/des.cc +829 -0
- data/third_party/boringssl-with-bazel/src/crypto/des/internal.h +27 -69
- data/third_party/boringssl-with-bazel/src/crypto/dh/dh_asn1.cc +124 -0
- data/third_party/boringssl-with-bazel/src/crypto/dh/params.cc +442 -0
- data/third_party/boringssl-with-bazel/src/crypto/digest/digest_extra.cc +306 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.cc +951 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.cc +379 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +13 -15
- data/third_party/boringssl-with-bazel/src/crypto/ec/ec_asn1.cc +570 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec/ec_derive.cc +96 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec/hash_to_curve.cc +510 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec/internal.h +78 -0
- data/third_party/boringssl-with-bazel/src/crypto/ecdh/ecdh.cc +73 -0
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa/ecdsa_asn1.cc +357 -0
- data/third_party/boringssl-with-bazel/src/crypto/engine/engine.cc +95 -0
- data/third_party/boringssl-with-bazel/src/crypto/err/err.cc +810 -0
- data/third_party/boringssl-with-bazel/src/crypto/err/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.cc +379 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.cc +471 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.cc +440 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/internal.h +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh.cc +153 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh_asn1.cc +142 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.cc +279 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.cc +230 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.cc +286 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.cc +103 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.cc +225 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.cc +236 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.cc +609 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.cc +198 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.cc +109 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.cc +237 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.cc +98 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/print.cc +342 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.cc +216 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.cc +114 -0
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.cc +141 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.cc.inc +191 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.cc.inc +1281 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/cbc.cc.inc +130 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/cfb.cc.inc +166 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/ctr.cc.inc +100 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/gcm.cc.inc +604 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/gcm_nohw.cc.inc +302 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/internal.h +421 -70
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.cc.inc +208 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.cc.inc +84 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/ofb.cc.inc +53 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/polyval.cc.inc +89 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.cc +282 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm_interface.h +729 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/add.cc.inc +269 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/x86_64-gcc.cc.inc +554 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.cc.inc +374 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.cc.inc +225 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.cc.inc +159 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.cc.inc +191 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.cc.inc +825 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.cc.inc +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.cc.inc +1227 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.cc.inc +300 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.cc.inc +339 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.cc.inc +582 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +25 -134
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.cc.inc +108 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.cc.inc +430 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.cc.inc +222 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.cc.inc +698 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.cc.inc +980 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.cc.inc +260 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.cc.inc +142 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.h +20 -17
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.cc.inc +320 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.cc.inc +459 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.cc.inc +295 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.cc.inc +672 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.cc.inc +1242 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aesccm.cc.inc +409 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/internal.h +14 -65
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cmac/cmac.cc.inc +288 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/delocate.h +26 -22
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.cc.inc +203 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.cc.inc +443 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/internal.h +13 -15
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.cc.inc +250 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.cc.inc +178 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/internal.h +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/md32_common.h +13 -47
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digestsign/digestsign.cc.inc +226 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/builtin_curves.h +91 -91
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.cc.inc +986 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.cc.inc +501 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.cc.inc +439 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.cc.inc +104 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +19 -66
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.cc.inc +306 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.cc.inc +1163 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz-table.h +15 -10
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.cc.inc +741 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.h +87 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.cc.inc +749 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.cc.inc +179 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.cc.inc +284 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.cc.inc +269 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.cc.inc +255 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.cc.inc +221 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.cc.inc +88 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.cc.inc +278 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/internal.h +41 -24
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/fips_shared_support.cc +28 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/hkdf.cc.inc +112 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.cc.inc +215 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/keccak/internal.h +70 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/keccak/keccak.cc.inc +279 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mldsa/mldsa.cc.inc +1993 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/mlkem/mlkem.cc.inc +1165 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.cc.inc +214 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +19 -104
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.cc.inc +483 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.cc.inc +147 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +13 -56
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.cc.inc +379 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.cc.inc +983 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.cc.inc +1296 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.cc.inc +129 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.cc.inc +1042 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/internal.h +36 -36
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.cc.inc +327 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/internal.h +43 -57
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.cc.inc +390 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.cc.inc +299 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.cc.inc +473 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/address.h +119 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/fors.cc.inc +169 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/fors.h +58 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/merkle.cc.inc +161 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/merkle.h +70 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/params.h +78 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/slhdsa.cc.inc +329 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/thash.cc.inc +173 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/thash.h +85 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/wots.cc.inc +171 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/slhdsa/wots.h +50 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.cc.inc +180 -0
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.cc +1095 -0
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.cc +2185 -0
- data/third_party/boringssl-with-bazel/src/crypto/hrss/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/internal.h +302 -447
- data/third_party/boringssl-with-bazel/src/crypto/kyber/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.cc +869 -0
- data/third_party/boringssl-with-bazel/src/crypto/lhash/internal.h +31 -75
- data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.cc +309 -0
- data/third_party/boringssl-with-bazel/src/crypto/md4/md4.cc +194 -0
- data/third_party/boringssl-with-bazel/src/crypto/md5/internal.h +37 -0
- data/third_party/boringssl-with-bazel/src/crypto/md5/md5.cc +243 -0
- data/third_party/boringssl-with-bazel/src/crypto/mem.cc +583 -0
- data/third_party/boringssl-with-bazel/src/crypto/mldsa/mldsa.cc +90 -0
- data/third_party/boringssl-with-bazel/src/crypto/mlkem/mlkem.cc +152 -0
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.cc +519 -0
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +18 -57
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_xref.cc +80 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/internal.h +44 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.cc +149 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.cc +254 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.cc +741 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.cc +45 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.cc +208 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.cc +141 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.cc +22 -0
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.cc +22 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.cc +193 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.cc +526 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +14 -54
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.cc +275 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.cc +487 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.cc +1304 -0
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.cc +314 -0
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.cc +310 -0
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.cc +850 -0
- data/third_party/boringssl-with-bazel/src/crypto/pool/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.cc +262 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/deterministic.cc +65 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/fork_detect.cc +194 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/forkunsafe.cc +44 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/getentropy.cc +60 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/getrandom_fillin.h +64 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/ios.cc +42 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/passive.cc +178 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/rand.cc +77 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/sysrand_internal.h +37 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/trusty.cc +46 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/urandom.cc +328 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand/windows.cc +102 -0
- data/third_party/boringssl-with-bazel/src/crypto/rc4/rc4.cc +56 -0
- data/third_party/boringssl-with-bazel/src/crypto/refcount.cc +59 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa/internal.h +36 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_asn1.cc +283 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_crypt.cc +531 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_extra.cc +19 -0
- data/third_party/boringssl-with-bazel/src/crypto/rsa/rsa_print.cc +27 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha1.cc +52 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha256.cc +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/sha/sha512.cc +104 -0
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.cc +79 -0
- data/third_party/boringssl-with-bazel/src/crypto/slhdsa/slhdsa.cc +113 -0
- data/third_party/boringssl-with-bazel/src/crypto/spake2plus/internal.h +204 -0
- data/third_party/boringssl-with-bazel/src/crypto/spake2plus/spake2plus.cc +501 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.cc +496 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread.cc +68 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_none.cc +51 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.cc +151 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.cc +240 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +13 -13
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.cc +1656 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.cc +685 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.cc +1263 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.cc +52 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.cc +97 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.cc +74 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.cc +136 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.cc +542 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.cc +355 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.cc +227 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/ext_dat.h +13 -55
- data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.cc +37 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/internal.h +13 -57
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.cc +185 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/policy.cc +796 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.cc +364 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.cc +103 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.cc +203 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.cc +287 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.cc +79 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akey.cc +181 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akeya.cc +31 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_alt.cc +593 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bcons.cc +95 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bitst.cc +102 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_conf.cc +374 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_cpols.cc +444 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_crld.cc +557 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_enum.cc +73 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_extku.cc +114 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_genn.cc +228 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ia5.cc +79 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.cc +164 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_int.cc +81 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_lib.cc +304 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ncons.cc +514 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ocsp.cc +89 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pcons.cc +101 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pmaps.cc +109 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_prn.cc +183 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_purp.cc +590 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_skey.cc +131 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_utl.cc +1342 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.cc +47 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.cc +186 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.cc +238 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.cc +66 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.cc +44 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.cc +139 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.cc +554 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.cc +164 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.cc +257 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.cc +198 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.cc +118 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.cc +147 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.cc +249 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.cc +1600 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.cc +440 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.cc +235 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.cc +365 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.cc +67 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.cc +91 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.cc +107 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.cc +318 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.cc +55 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.cc +342 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.cc +36 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.cc +492 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.cc +170 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.cc +74 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.cc +51 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.cc +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.cc +28 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.cc +506 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.cc +169 -0
- data/third_party/boringssl-with-bazel/src/gen/crypto/err_data.cc +1529 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +13 -47
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +13 -51
- data/third_party/boringssl-with-bazel/src/include/openssl/asm_base.h +14 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +37 -63
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1_mac.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +248 -328
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +24 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/base64.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/bcm_public.h +82 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/blowfish.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/bn.h +28 -130
- data/third_party/boringssl-with-bazel/src/include/openssl/buf.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/buffer.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +31 -16
- data/third_party/boringssl-with-bazel/src/include/openssl/cast.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/chacha.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +31 -59
- data/third_party/boringssl-with-bazel/src/include/openssl/cmac.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/conf.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +25 -14
- data/third_party/boringssl-with-bazel/src/include/openssl/ctrdrbg.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/curve25519.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +17 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +19 -56
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +17 -58
- data/third_party/boringssl-with-bazel/src/include/openssl/dtls1.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/e_os2.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +14 -66
- data/third_party/boringssl-with-bazel/src/include/openssl/ec_key.h +31 -72
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdh.h +14 -65
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +13 -51
- data/third_party/boringssl-with-bazel/src/include/openssl/engine.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +13 -107
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +14 -56
- data/third_party/boringssl-with-bazel/src/include/openssl/evp_errors.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/ex_data.h +13 -107
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/kyber.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/hkdf.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/hmac.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/hpke.h +21 -19
- data/third_party/boringssl-with-bazel/src/include/openssl/hrss.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/is_boringssl.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/kdf.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/lhash.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/md4.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/md5.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/mem.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/mldsa.h +130 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/mlkem.h +222 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +30 -69
- data/third_party/boringssl-with-bazel/src/include/openssl/obj.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/obj_mac.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/objects.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslv.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/ossl_typ.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +25 -64
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs12.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs7.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/pkcs8.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/poly1305.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/pool.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/posix_time.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/rc4.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/ripemd.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +23 -63
- data/third_party/boringssl-with-bazel/src/include/openssl/safestack.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/service_indicator.h +15 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +15 -95
- data/third_party/boringssl-with-bazel/src/include/openssl/siphash.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/slhdsa.h +174 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +42 -28
- data/third_party/boringssl-with-bazel/src/include/openssl/srtp.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +382 -284
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl3.h +15 -114
- data/third_party/boringssl-with-bazel/src/include/openssl/stack.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/target.h +23 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/thread.h +15 -57
- data/third_party/boringssl-with-bazel/src/include/openssl/time.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +27 -156
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +15 -15
- data/third_party/boringssl-with-bazel/src/include/openssl/type_check.h +13 -55
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +14 -61
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +13 -13
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3_errors.h +13 -53
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +15 -14
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +684 -439
- data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +129 -168
- data/third_party/boringssl-with-bazel/src/ssl/d1_pkt.cc +176 -126
- data/third_party/boringssl-with-bazel/src/ssl/d1_srtp.cc +21 -127
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +112 -97
- data/third_party/boringssl-with-bazel/src/ssl/dtls_record.cc +454 -221
- data/third_party/boringssl-with-bazel/src/ssl/encrypted_client_hello.cc +54 -47
- data/third_party/boringssl-with-bazel/src/ssl/extensions.cc +679 -475
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +66 -73
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +61 -153
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +232 -334
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +102 -215
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +993 -482
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +87 -169
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +29 -159
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +39 -113
- data/third_party/boringssl-with-bazel/src/ssl/ssl_aead_ctx.cc +103 -111
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +52 -145
- data/third_party/boringssl-with-bazel/src/ssl/ssl_buffer.cc +22 -24
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +117 -157
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +229 -365
- data/third_party/boringssl-with-bazel/src/ssl/ssl_credential.cc +216 -31
- data/third_party/boringssl-with-bazel/src/ssl/ssl_file.cc +13 -109
- data/third_party/boringssl-with-bazel/src/ssl/ssl_key_share.cc +127 -32
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +209 -336
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +38 -83
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +101 -236
- data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +17 -91
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +109 -157
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +47 -27
- data/third_party/boringssl-with-bazel/src/ssl/ssl_x509.cc +66 -195
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +45 -176
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +58 -42
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +152 -86
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +296 -163
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +247 -108
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +64 -117
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +55 -157
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +6 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +6 -0
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64_adx.h +4 -1
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1 -1
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +3 -0
- data/third_party/upb/upb/json/decode.c +59 -13
- data/third_party/upb/upb/json/decode.h +26 -3
- data/third_party/upb/upb/json/encode.c +2 -2
- data/third_party/upb/upb/lex/round_trip.c +10 -0
- data/third_party/upb/upb/mem/arena.c +13 -2
- data/third_party/upb/upb/mem/arena.h +9 -0
- data/third_party/upb/upb/mem/arena.hpp +5 -1
- data/third_party/upb/upb/message/accessors.c +2 -4
- data/third_party/upb/upb/message/accessors.h +178 -379
- data/third_party/upb/upb/message/copy.c +11 -7
- data/third_party/upb/upb/message/internal/accessors.h +578 -26
- data/third_party/upb/upb/message/internal/extension.c +1 -0
- data/third_party/upb/upb/message/internal/message.c +13 -14
- data/third_party/upb/upb/message/internal/message.h +8 -7
- data/third_party/upb/upb/message/merge.c +38 -0
- data/third_party/upb/upb/message/merge.h +26 -0
- data/third_party/upb/upb/message/message.h +6 -10
- data/third_party/upb/upb/message/value.h +26 -0
- data/third_party/upb/upb/mini_descriptor/decode.c +7 -2
- data/third_party/upb/upb/mini_descriptor/link.c +7 -3
- data/third_party/upb/upb/mini_table/extension_registry.c +18 -0
- data/third_party/upb/upb/mini_table/extension_registry.h +17 -0
- data/third_party/upb/upb/mini_table/internal/extension.h +9 -0
- data/third_party/upb/upb/mini_table/internal/message.c +21 -1
- data/third_party/upb/upb/mini_table/internal/message.h +40 -20
- data/third_party/upb/upb/mini_table/internal/sub.h +5 -0
- data/third_party/upb/upb/mini_table/message.h +11 -1
- data/third_party/upb/upb/port/def.inc +99 -9
- data/third_party/upb/upb/port/undef.inc +7 -0
- data/third_party/upb/upb/reflection/common.h +1 -11
- data/third_party/upb/upb/reflection/def.hpp +8 -0
- data/third_party/upb/upb/reflection/descriptor_bootstrap.h +19 -0
- data/third_party/upb/upb/reflection/field_def.c +11 -22
- data/third_party/upb/upb/reflection/field_def.h +1 -0
- data/third_party/upb/upb/reflection/internal/upb_edition_defaults.h +1 -1
- data/third_party/upb/upb/reflection/message.c +8 -3
- data/third_party/upb/upb/reflection/message.h +2 -2
- data/third_party/upb/upb/text/encode.c +51 -394
- data/third_party/upb/upb/text/encode.h +1 -11
- data/third_party/upb/upb/text/internal/encode.c +180 -0
- data/third_party/upb/upb/text/internal/encode.h +240 -0
- data/third_party/upb/upb/text/options.h +22 -0
- data/third_party/upb/upb/wire/decode.c +71 -39
- data/third_party/upb/upb/wire/decode.h +4 -1
- data/third_party/upb/upb/wire/encode.c +41 -18
- data/third_party/upb/upb/wire/encode.h +3 -0
- data/third_party/upb/upb/wire/internal/decode_fast.c +3 -0
- metadata +525 -460
- data/src/core/ext/transport/chttp2/transport/max_concurrent_streams_policy.cc +0 -45
- data/src/core/ext/transport/chttp2/transport/max_concurrent_streams_policy.h +0 -67
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb.h +0 -419
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.c +0 -84
- data/src/core/ext/upb-gen/envoy/config/trace/v3/opencensus.upb_minitable.h +0 -30
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb.h +0 -400
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.c +0 -118
- data/src/core/ext/upb-gen/opencensus/proto/trace/v1/trace_config.upb_minitable.h +0 -33
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.c +0 -107
- data/src/core/ext/upbdefs-gen/envoy/config/trace/v3/opencensus.upbdefs.h +0 -32
- data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.c +0 -66
- data/src/core/ext/upbdefs-gen/opencensus/proto/trace/v1/trace_config.upbdefs.h +0 -47
- data/src/core/lib/avl/avl.h +0 -325
- data/src/core/lib/backoff/backoff.cc +0 -47
- data/src/core/lib/backoff/backoff.h +0 -89
- data/src/core/lib/backoff/random_early_detection.cc +0 -33
- data/src/core/lib/backoff/random_early_detection.h +0 -62
- data/src/core/lib/config/config_vars.cc +0 -142
- data/src/core/lib/config/config_vars.h +0 -121
- data/src/core/lib/config/config_vars_non_generated.cc +0 -49
- data/src/core/lib/config/core_configuration.cc +0 -112
- data/src/core/lib/config/core_configuration.h +0 -244
- data/src/core/lib/config/load_config.cc +0 -79
- data/src/core/lib/config/load_config.h +0 -55
- data/src/core/lib/debug/event_log.cc +0 -88
- data/src/core/lib/debug/event_log.h +0 -81
- data/src/core/lib/gprpp/atomic_utils.h +0 -47
- data/src/core/lib/gprpp/bitset.h +0 -225
- data/src/core/lib/gprpp/chunked_vector.h +0 -258
- data/src/core/lib/gprpp/construct_destruct.h +0 -40
- data/src/core/lib/gprpp/cpp_impl_of.h +0 -49
- data/src/core/lib/gprpp/crash.cc +0 -41
- data/src/core/lib/gprpp/crash.h +0 -37
- data/src/core/lib/gprpp/debug_location.h +0 -106
- data/src/core/lib/gprpp/directory_reader.h +0 -48
- data/src/core/lib/gprpp/down_cast.h +0 -49
- data/src/core/lib/gprpp/dual_ref_counted.h +0 -377
- data/src/core/lib/gprpp/dump_args.cc +0 -54
- data/src/core/lib/gprpp/dump_args.h +0 -117
- data/src/core/lib/gprpp/env.h +0 -53
- data/src/core/lib/gprpp/examine_stack.cc +0 -43
- data/src/core/lib/gprpp/examine_stack.h +0 -45
- data/src/core/lib/gprpp/fork.cc +0 -241
- data/src/core/lib/gprpp/fork.h +0 -98
- data/src/core/lib/gprpp/glob.h +0 -29
- data/src/core/lib/gprpp/host_port.cc +0 -116
- data/src/core/lib/gprpp/host_port.h +0 -57
- data/src/core/lib/gprpp/if_list.h +0 -4530
- data/src/core/lib/gprpp/linux/env.cc +0 -62
- data/src/core/lib/gprpp/load_file.cc +0 -77
- data/src/core/lib/gprpp/load_file.h +0 -34
- data/src/core/lib/gprpp/manual_constructor.h +0 -146
- data/src/core/lib/gprpp/match.h +0 -75
- data/src/core/lib/gprpp/memory.h +0 -52
- data/src/core/lib/gprpp/mpscq.cc +0 -108
- data/src/core/lib/gprpp/mpscq.h +0 -100
- data/src/core/lib/gprpp/no_destruct.h +0 -95
- data/src/core/lib/gprpp/notification.h +0 -67
- data/src/core/lib/gprpp/orphanable.h +0 -153
- data/src/core/lib/gprpp/overload.h +0 -59
- data/src/core/lib/gprpp/packed_table.h +0 -40
- data/src/core/lib/gprpp/per_cpu.cc +0 -34
- data/src/core/lib/gprpp/per_cpu.h +0 -103
- data/src/core/lib/gprpp/posix/directory_reader.cc +0 -82
- data/src/core/lib/gprpp/posix/env.cc +0 -47
- data/src/core/lib/gprpp/posix/stat.cc +0 -55
- data/src/core/lib/gprpp/posix/thd.cc +0 -246
- data/src/core/lib/gprpp/ref_counted.h +0 -403
- data/src/core/lib/gprpp/ref_counted_ptr.h +0 -445
- data/src/core/lib/gprpp/ref_counted_string.cc +0 -43
- data/src/core/lib/gprpp/ref_counted_string.h +0 -161
- data/src/core/lib/gprpp/single_set_ptr.h +0 -90
- data/src/core/lib/gprpp/sorted_pack.h +0 -89
- data/src/core/lib/gprpp/stat.h +0 -36
- data/src/core/lib/gprpp/status_helper.cc +0 -434
- data/src/core/lib/gprpp/status_helper.h +0 -162
- data/src/core/lib/gprpp/strerror.cc +0 -41
- data/src/core/lib/gprpp/strerror.h +0 -29
- data/src/core/lib/gprpp/sync.h +0 -200
- data/src/core/lib/gprpp/table.h +0 -460
- data/src/core/lib/gprpp/tchar.cc +0 -49
- data/src/core/lib/gprpp/tchar.h +0 -33
- data/src/core/lib/gprpp/thd.h +0 -195
- data/src/core/lib/gprpp/time.cc +0 -241
- data/src/core/lib/gprpp/time.h +0 -380
- data/src/core/lib/gprpp/time_averaged_stats.cc +0 -60
- data/src/core/lib/gprpp/time_averaged_stats.h +0 -79
- data/src/core/lib/gprpp/time_util.cc +0 -82
- data/src/core/lib/gprpp/time_util.h +0 -41
- data/src/core/lib/gprpp/type_list.h +0 -32
- data/src/core/lib/gprpp/unique_type_name.h +0 -124
- data/src/core/lib/gprpp/uuid_v4.cc +0 -37
- data/src/core/lib/gprpp/uuid_v4.h +0 -36
- data/src/core/lib/gprpp/validation_errors.cc +0 -74
- data/src/core/lib/gprpp/validation_errors.h +0 -145
- data/src/core/lib/gprpp/windows/directory_reader.cc +0 -81
- data/src/core/lib/gprpp/windows/env.cc +0 -56
- data/src/core/lib/gprpp/windows/stat.cc +0 -51
- data/src/core/lib/gprpp/windows/thd.cc +0 -185
- data/src/core/lib/gprpp/work_serializer.cc +0 -554
- data/src/core/lib/gprpp/work_serializer.h +0 -106
- data/src/core/lib/gprpp/xxhash_inline.h +0 -29
- data/src/core/lib/iomgr/gethostname.h +0 -26
- data/src/core/lib/iomgr/gethostname_fallback.cc +0 -30
- data/src/core/lib/iomgr/gethostname_host_name_max.cc +0 -40
- data/src/core/lib/iomgr/gethostname_sysconf.cc +0 -40
- data/src/core/lib/iomgr/grpc_if_nametoindex.h +0 -30
- data/src/core/lib/iomgr/grpc_if_nametoindex_posix.cc +0 -42
- data/src/core/lib/iomgr/grpc_if_nametoindex_unsupported.cc +0 -37
- data/src/core/lib/matchers/matchers.cc +0 -330
- data/src/core/lib/matchers/matchers.h +0 -163
- data/src/core/lib/uri/uri_parser.cc +0 -372
- data/src/core/lib/uri/uri_parser.h +0 -101
- data/src/core/resolver/binder/binder_resolver.cc +0 -155
- data/src/core/util/android/log.cc +0 -48
- data/src/core/util/atm.cc +0 -35
- data/src/core/util/linux/log.cc +0 -69
- data/src/core/util/posix/log.cc +0 -69
- data/src/core/util/windows/log.cc +0 -73
- data/src/core/xds/xds_client/xds_client_stats.cc +0 -171
- data/src/core/xds/xds_client/xds_client_stats.h +0 -258
- data/third_party/abseil-cpp/absl/strings/internal/has_absl_stringify.h +0 -44
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +0 -284
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bool.c +0 -95
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_d2i_fp.c +0 -89
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_dup.c +0 -84
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_gentm.c +0 -151
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_i2d_fp.c +0 -85
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +0 -465
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_mbstr.c +0 -279
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +0 -235
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +0 -74
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strex.c +0 -457
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_strnid.c +0 -245
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +0 -259
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +0 -214
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +0 -183
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +0 -397
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_par.c +0 -103
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +0 -98
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +0 -105
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +0 -94
- data/third_party/boringssl-with-bazel/src/crypto/asn1/posix_time.c +0 -241
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +0 -973
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +0 -708
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +0 -212
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +0 -317
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -126
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +0 -268
- data/third_party/boringssl-with-bazel/src/crypto/base64/base64.c +0 -479
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +0 -726
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio_mem.c +0 -309
- data/third_party/boringssl-with-bazel/src/crypto/bio/connect.c +0 -544
- data/third_party/boringssl-with-bazel/src/crypto/bio/errno.c +0 -92
- data/third_party/boringssl-with-bazel/src/crypto/bio/fd.c +0 -235
- data/third_party/boringssl-with-bazel/src/crypto/bio/file.c +0 -334
- data/third_party/boringssl-with-bazel/src/crypto/bio/hexdump.c +0 -192
- data/third_party/boringssl-with-bazel/src/crypto/bio/pair.c +0 -480
- data/third_party/boringssl-with-bazel/src/crypto/bio/printf.c +0 -102
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket.c +0 -189
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +0 -133
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +0 -169
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +0 -57
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/convert.c +0 -465
- data/third_party/boringssl-with-bazel/src/crypto/buf/buf.c +0 -158
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/asn1_compat.c +0 -53
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +0 -266
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbb.c +0 -718
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +0 -911
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/unicode.c +0 -156
- data/third_party/boringssl-with-bazel/src/crypto/chacha/chacha.c +0 -224
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/cipher_extra.c +0 -127
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +0 -152
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesctrhmac.c +0 -284
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_aesgcmsiv.c +0 -841
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +0 -348
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_des.c +0 -228
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_null.c +0 -90
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc2.c +0 -455
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_rc4.c +0 -94
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_tls.c +0 -598
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +0 -237
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +0 -514
- data/third_party/boringssl-with-bazel/src/crypto/conf/conf.c +0 -672
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_apple.c +0 -75
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_fuchsia.c +0 -55
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_linux.c +0 -62
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_openbsd.c +0 -61
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_sysreg.c +0 -93
- data/third_party/boringssl-with-bazel/src/crypto/cpu_aarch64_win.c +0 -41
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_freebsd.c +0 -54
- data/third_party/boringssl-with-bazel/src/crypto/cpu_arm_linux.c +0 -151
- data/third_party/boringssl-with-bazel/src/crypto/cpu_intel.c +0 -277
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +0 -188
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519.c +0 -2157
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/curve25519_64_adx.c +0 -18
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +0 -523
- data/third_party/boringssl-with-bazel/src/crypto/des/des.c +0 -871
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/dh_asn1.c +0 -165
- data/third_party/boringssl-with-bazel/src/crypto/dh_extra/params.c +0 -480
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +0 -266
- data/third_party/boringssl-with-bazel/src/crypto/dilithium/dilithium.c +0 -1539
- data/third_party/boringssl-with-bazel/src/crypto/dilithium/internal.h +0 -58
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +0 -997
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +0 -419
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +0 -572
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_derive.c +0 -96
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +0 -508
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +0 -78
- data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +0 -124
- data/third_party/boringssl-with-bazel/src/crypto/ecdsa_extra/ecdsa_asn1.c +0 -265
- data/third_party/boringssl-with-bazel/src/crypto/engine/engine.c +0 -91
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +0 -903
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +0 -430
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +0 -547
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_ctx.c +0 -483
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh.c +0 -137
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dh_asn1.c +0 -120
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +0 -338
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec.c +0 -274
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ec_asn1.c +0 -332
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519.c +0 -100
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_ed25519_asn1.c +0 -224
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_hkdf.c +0 -232
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa.c +0 -646
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_rsa_asn1.c +0 -241
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519.c +0 -106
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_x25519_asn1.c +0 -236
- data/third_party/boringssl-with-bazel/src/crypto/evp/pbkdf.c +0 -146
- data/third_party/boringssl-with-bazel/src/crypto/evp/print.c +0 -381
- data/third_party/boringssl-with-bazel/src/crypto/evp/scrypt.c +0 -209
- data/third_party/boringssl-with-bazel/src/crypto/evp/sign.c +0 -156
- data/third_party/boringssl-with-bazel/src/crypto/ex_data.c +0 -236
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes.c +0 -127
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +0 -1281
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/key_wrap.c +0 -242
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +0 -124
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +0 -278
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/add.c +0 -310
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/asm/x86_64-gcc.c +0 -541
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +0 -428
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bytes.c +0 -267
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/cmp.c +0 -201
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/ctx.c +0 -234
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +0 -909
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div_extra.c +0 -87
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +0 -1320
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd.c +0 -397
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/gcd_extra.c +0 -331
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/generic.c +0 -624
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/jacobi.c +0 -146
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +0 -532
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery_inv.c +0 -222
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +0 -744
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/prime.c +0 -1077
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/random.c +0 -356
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/rsaz_exp.c +0 -137
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/shift.c +0 -363
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/sqrt.c +0 -499
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/aead.c +0 -287
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +0 -717
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +0 -1463
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aesccm.c +0 -446
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cmac/cmac.c +0 -322
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/check.c +0 -245
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/dh/dh.c +0 -489
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +0 -288
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c +0 -304
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digestsign/digestsign.c +0 -267
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +0 -1043
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +0 -557
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +0 -491
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +0 -104
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +0 -359
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +0 -1163
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-nistz.c +0 -642
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +0 -749
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +0 -173
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +0 -336
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +0 -269
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.c +0 -255
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +0 -264
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +0 -130
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +0 -372
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/fips_shared_support.c +0 -29
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hkdf/hkdf.c +0 -112
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/hmac/hmac.c +0 -256
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md4/md4.c +0 -240
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/internal.h +0 -37
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/md5/md5.c +0 -284
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cbc.c +0 -164
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/cfb.c +0 -200
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ctr.c +0 -196
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm.c +0 -743
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/gcm_nohw.c +0 -302
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/internal.h +0 -428
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/ofb.c +0 -87
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/modes/polyval.c +0 -90
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/ctrdrbg.c +0 -220
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +0 -197
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +0 -68
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +0 -64
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +0 -493
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +0 -328
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +0 -241
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/padding.c +0 -423
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +0 -1038
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +0 -1351
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/fips.c +0 -121
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +0 -1064
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/service_indicator/service_indicator.c +0 -328
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha1.c +0 -439
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha256.c +0 -359
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +0 -543
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/tls/kdf.c +0 -218
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +0 -801
- data/third_party/boringssl-with-bazel/src/crypto/hrss/hrss.c +0 -2234
- data/third_party/boringssl-with-bazel/src/crypto/keccak/internal.h +0 -70
- data/third_party/boringssl-with-bazel/src/crypto/keccak/keccak.c +0 -279
- data/third_party/boringssl-with-bazel/src/crypto/kyber/kyber.c +0 -845
- data/third_party/boringssl-with-bazel/src/crypto/lhash/lhash.c +0 -350
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +0 -609
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj.c +0 -564
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_xref.c +0 -122
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_all.c +0 -243
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_info.c +0 -294
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_lib.c +0 -790
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_oth.c +0 -87
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pk8.c +0 -251
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_pkey.c +0 -183
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_x509.c +0 -64
- data/third_party/boringssl-with-bazel/src/crypto/pem/pem_xaux.c +0 -64
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7.c +0 -193
- data/third_party/boringssl-with-bazel/src/crypto/pkcs7/pkcs7_x509.c +0 -523
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/p5_pbev2.c +0 -316
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8.c +0 -527
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +0 -1352
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +0 -314
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +0 -308
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +0 -847
- data/third_party/boringssl-with-bazel/src/crypto/pool/pool.c +0 -261
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +0 -57
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/forkunsafe.c +0 -44
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/getentropy.c +0 -52
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/ios.c +0 -34
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +0 -158
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +0 -74
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/trusty.c +0 -38
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +0 -95
- data/third_party/boringssl-with-bazel/src/crypto/rc4/rc4.c +0 -98
- data/third_party/boringssl-with-bazel/src/crypto/refcount.c +0 -59
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/internal.h +0 -77
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_asn1.c +0 -324
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_crypt.c +0 -570
- data/third_party/boringssl-with-bazel/src/crypto/rsa_extra/rsa_print.c +0 -22
- data/third_party/boringssl-with-bazel/src/crypto/siphash/siphash.c +0 -79
- data/third_party/boringssl-with-bazel/src/crypto/spx/address.c +0 -101
- data/third_party/boringssl-with-bazel/src/crypto/spx/address.h +0 -50
- data/third_party/boringssl-with-bazel/src/crypto/spx/fors.c +0 -133
- data/third_party/boringssl-with-bazel/src/crypto/spx/fors.h +0 -54
- data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.c +0 -150
- data/third_party/boringssl-with-bazel/src/crypto/spx/merkle.h +0 -61
- data/third_party/boringssl-with-bazel/src/crypto/spx/params.h +0 -71
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx.c +0 -140
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.c +0 -53
- data/third_party/boringssl-with-bazel/src/crypto/spx/spx_util.h +0 -44
- data/third_party/boringssl-with-bazel/src/crypto/spx/thash.c +0 -136
- data/third_party/boringssl-with-bazel/src/crypto/spx/thash.h +0 -70
- data/third_party/boringssl-with-bazel/src/crypto/spx/wots.c +0 -135
- data/third_party/boringssl-with-bazel/src/crypto/spx/wots.h +0 -45
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +0 -534
- data/third_party/boringssl-with-bazel/src/crypto/thread.c +0 -110
- data/third_party/boringssl-with-bazel/src/crypto/thread_none.c +0 -51
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +0 -150
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +0 -236
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +0 -1668
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +0 -687
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +0 -1267
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_digest.c +0 -94
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_sign.c +0 -136
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_verify.c +0 -116
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +0 -178
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +0 -585
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_dir.c +0 -400
- data/third_party/boringssl-with-bazel/src/crypto/x509/by_file.c +0 -269
- data/third_party/boringssl-with-bazel/src/crypto/x509/i2d_pr.c +0 -79
- data/third_party/boringssl-with-bazel/src/crypto/x509/name_print.c +0 -227
- data/third_party/boringssl-with-bazel/src/crypto/x509/policy.c +0 -786
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +0 -401
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +0 -145
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_req.c +0 -245
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +0 -329
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509a.c +0 -121
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akey.c +0 -221
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_akeya.c +0 -73
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_alt.c +0 -634
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bcons.c +0 -135
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_bitst.c +0 -141
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_conf.c +0 -416
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_cpols.c +0 -482
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_crld.c +0 -598
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_enum.c +0 -112
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_extku.c +0 -154
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_genn.c +0 -270
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ia5.c +0 -122
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_info.c +0 -211
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_int.c +0 -121
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_lib.c +0 -344
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ncons.c +0 -555
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_ocsp.c +0 -81
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pcons.c +0 -142
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_pmaps.c +0 -150
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_prn.c +0 -224
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_purp.c +0 -624
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_skey.c +0 -170
- data/third_party/boringssl-with-bazel/src/crypto/x509/v3_utl.c +0 -1390
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +0 -89
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_att.c +0 -227
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +0 -280
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_d2.c +0 -108
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_def.c +0 -86
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +0 -181
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_lu.c +0 -599
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +0 -206
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +0 -299
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +0 -240
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +0 -160
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +0 -189
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +0 -291
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +0 -1638
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vpm.c +0 -440
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +0 -277
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +0 -407
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509rset.c +0 -109
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509spki.c +0 -133
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_algor.c +0 -149
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +0 -356
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +0 -97
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +0 -384
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_exten.c +0 -78
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +0 -527
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +0 -210
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_req.c +0 -116
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +0 -93
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_spki.c +0 -79
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_val.c +0 -70
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +0 -544
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +0 -209
- data/third_party/boringssl-with-bazel/src/gen/crypto/err_data.c +0 -1514
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/dilithium.h +0 -131
- data/third_party/boringssl-with-bazel/src/include/openssl/experimental/spx.h +0 -90
- /data/src/core/{lib/gprpp → util}/glob.cc +0 -0
|
@@ -1,143 +1,18 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
* the code are not to be removed.
|
|
17
|
-
* If this package is used in a product, Eric Young should be given attribution
|
|
18
|
-
* as the author of the parts of the library used.
|
|
19
|
-
* This can be in the form of a textual message at program startup or
|
|
20
|
-
* in documentation (online or textual) provided with the package.
|
|
21
|
-
*
|
|
22
|
-
* Redistribution and use in source and binary forms, with or without
|
|
23
|
-
* modification, are permitted provided that the following conditions
|
|
24
|
-
* are met:
|
|
25
|
-
* 1. Redistributions of source code must retain the copyright
|
|
26
|
-
* notice, this list of conditions and the following disclaimer.
|
|
27
|
-
* 2. Redistributions in binary form must reproduce the above copyright
|
|
28
|
-
* notice, this list of conditions and the following disclaimer in the
|
|
29
|
-
* documentation and/or other materials provided with the distribution.
|
|
30
|
-
* 3. All advertising materials mentioning features or use of this software
|
|
31
|
-
* must display the following acknowledgement:
|
|
32
|
-
* "This product includes cryptographic software written by
|
|
33
|
-
* Eric Young (eay@cryptsoft.com)"
|
|
34
|
-
* The word 'cryptographic' can be left out if the rouines from the library
|
|
35
|
-
* being used are not cryptographic related :-).
|
|
36
|
-
* 4. If you include any Windows specific code (or a derivative thereof) from
|
|
37
|
-
* the apps directory (application code) you must include an acknowledgement:
|
|
38
|
-
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
|
39
|
-
*
|
|
40
|
-
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
41
|
-
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
42
|
-
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
43
|
-
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
44
|
-
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
45
|
-
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
46
|
-
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
47
|
-
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
48
|
-
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
49
|
-
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
50
|
-
* SUCH DAMAGE.
|
|
51
|
-
*
|
|
52
|
-
* The licence and distribution terms for any publically available version or
|
|
53
|
-
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
|
54
|
-
* copied and put under another distribution licence
|
|
55
|
-
* [including the GNU Public Licence.]
|
|
56
|
-
*/
|
|
57
|
-
/* ====================================================================
|
|
58
|
-
* Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
|
|
59
|
-
*
|
|
60
|
-
* Redistribution and use in source and binary forms, with or without
|
|
61
|
-
* modification, are permitted provided that the following conditions
|
|
62
|
-
* are met:
|
|
63
|
-
*
|
|
64
|
-
* 1. Redistributions of source code must retain the above copyright
|
|
65
|
-
* notice, this list of conditions and the following disclaimer.
|
|
66
|
-
*
|
|
67
|
-
* 2. Redistributions in binary form must reproduce the above copyright
|
|
68
|
-
* notice, this list of conditions and the following disclaimer in
|
|
69
|
-
* the documentation and/or other materials provided with the
|
|
70
|
-
* distribution.
|
|
71
|
-
*
|
|
72
|
-
* 3. All advertising materials mentioning features or use of this
|
|
73
|
-
* software must display the following acknowledgment:
|
|
74
|
-
* "This product includes software developed by the OpenSSL Project
|
|
75
|
-
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
76
|
-
*
|
|
77
|
-
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
78
|
-
* endorse or promote products derived from this software without
|
|
79
|
-
* prior written permission. For written permission, please contact
|
|
80
|
-
* openssl-core@openssl.org.
|
|
81
|
-
*
|
|
82
|
-
* 5. Products derived from this software may not be called "OpenSSL"
|
|
83
|
-
* nor may "OpenSSL" appear in their names without prior written
|
|
84
|
-
* permission of the OpenSSL Project.
|
|
85
|
-
*
|
|
86
|
-
* 6. Redistributions of any form whatsoever must retain the following
|
|
87
|
-
* acknowledgment:
|
|
88
|
-
* "This product includes software developed by the OpenSSL Project
|
|
89
|
-
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
90
|
-
*
|
|
91
|
-
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
92
|
-
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
93
|
-
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
94
|
-
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
95
|
-
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
96
|
-
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
97
|
-
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
98
|
-
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
99
|
-
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
100
|
-
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
101
|
-
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
102
|
-
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
103
|
-
* ====================================================================
|
|
104
|
-
*
|
|
105
|
-
* This product includes cryptographic software written by Eric Young
|
|
106
|
-
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
107
|
-
* Hudson (tjh@cryptsoft.com).
|
|
108
|
-
*
|
|
109
|
-
*/
|
|
110
|
-
/* ====================================================================
|
|
111
|
-
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
|
|
112
|
-
* ECC cipher suite support in OpenSSL originally developed by
|
|
113
|
-
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
|
|
114
|
-
*/
|
|
115
|
-
/* ====================================================================
|
|
116
|
-
* Copyright 2005 Nokia. All rights reserved.
|
|
117
|
-
*
|
|
118
|
-
* The portions of the attached software ("Contribution") is developed by
|
|
119
|
-
* Nokia Corporation and is licensed pursuant to the OpenSSL open source
|
|
120
|
-
* license.
|
|
121
|
-
*
|
|
122
|
-
* The Contribution, originally written by Mika Kousa and Pasi Eronen of
|
|
123
|
-
* Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
|
|
124
|
-
* support (see RFC 4279) to OpenSSL.
|
|
125
|
-
*
|
|
126
|
-
* No patent licenses or other rights except those expressly stated in
|
|
127
|
-
* the OpenSSL open source license shall be deemed granted or received
|
|
128
|
-
* expressly, by implication, estoppel, or otherwise.
|
|
129
|
-
*
|
|
130
|
-
* No assurances are provided by Nokia that the Contribution does not
|
|
131
|
-
* infringe the patent or other intellectual property rights of any third
|
|
132
|
-
* party or that the license provides you with all the necessary rights
|
|
133
|
-
* to make use of the Contribution.
|
|
134
|
-
*
|
|
135
|
-
* THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
|
|
136
|
-
* ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
|
|
137
|
-
* SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
|
|
138
|
-
* OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
|
|
139
|
-
* OTHERWISE.
|
|
140
|
-
*/
|
|
1
|
+
// Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
|
2
|
+
// Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved.
|
|
3
|
+
// Copyright 2005 Nokia. All rights reserved.
|
|
4
|
+
//
|
|
5
|
+
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
6
|
+
// you may not use this file except in compliance with the License.
|
|
7
|
+
// You may obtain a copy of the License at
|
|
8
|
+
//
|
|
9
|
+
// https://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
//
|
|
11
|
+
// Unless required by applicable law or agreed to in writing, software
|
|
12
|
+
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
13
|
+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
14
|
+
// See the License for the specific language governing permissions and
|
|
15
|
+
// limitations under the License.
|
|
141
16
|
|
|
142
17
|
#ifndef OPENSSL_HEADER_SSL_INTERNAL_H
|
|
143
18
|
#define OPENSSL_HEADER_SSL_INTERNAL_H
|
|
@@ -147,10 +22,12 @@
|
|
|
147
22
|
#include <stdlib.h>
|
|
148
23
|
|
|
149
24
|
#include <algorithm>
|
|
25
|
+
#include <atomic>
|
|
150
26
|
#include <bitset>
|
|
151
27
|
#include <initializer_list>
|
|
152
28
|
#include <limits>
|
|
153
29
|
#include <new>
|
|
30
|
+
#include <string_view>
|
|
154
31
|
#include <type_traits>
|
|
155
32
|
#include <utility>
|
|
156
33
|
|
|
@@ -167,6 +44,7 @@
|
|
|
167
44
|
#include "../crypto/err/internal.h"
|
|
168
45
|
#include "../crypto/internal.h"
|
|
169
46
|
#include "../crypto/lhash/internal.h"
|
|
47
|
+
#include "../crypto/spake2plus/internal.h"
|
|
170
48
|
|
|
171
49
|
|
|
172
50
|
#if defined(OPENSSL_WINDOWS)
|
|
@@ -194,7 +72,7 @@ struct SSL_X509_METHOD;
|
|
|
194
72
|
//
|
|
195
73
|
// Note: unlike |new|, this does not support non-public constructors.
|
|
196
74
|
template <typename T, typename... Args>
|
|
197
|
-
T *New(Args &&...
|
|
75
|
+
T *New(Args &&...args) {
|
|
198
76
|
void *t = OPENSSL_malloc(sizeof(T));
|
|
199
77
|
if (t == nullptr) {
|
|
200
78
|
return nullptr;
|
|
@@ -225,7 +103,7 @@ struct DeleterImpl<T, std::enable_if_t<T::kAllowUniquePtr>> {
|
|
|
225
103
|
// MakeUnique behaves like |std::make_unique| but returns nullptr on allocation
|
|
226
104
|
// error.
|
|
227
105
|
template <typename T, typename... Args>
|
|
228
|
-
UniquePtr<T> MakeUnique(Args &&...
|
|
106
|
+
UniquePtr<T> MakeUnique(Args &&...args) {
|
|
229
107
|
return UniquePtr<T>(New<T>(std::forward<Args>(args)...));
|
|
230
108
|
}
|
|
231
109
|
|
|
@@ -252,8 +130,14 @@ class Array {
|
|
|
252
130
|
size_t size() const { return size_; }
|
|
253
131
|
bool empty() const { return size_ == 0; }
|
|
254
132
|
|
|
255
|
-
const T &operator[](size_t i) const {
|
|
256
|
-
|
|
133
|
+
const T &operator[](size_t i) const {
|
|
134
|
+
BSSL_CHECK(i < size_);
|
|
135
|
+
return data_[i];
|
|
136
|
+
}
|
|
137
|
+
T &operator[](size_t i) {
|
|
138
|
+
BSSL_CHECK(i < size_);
|
|
139
|
+
return data_[i];
|
|
140
|
+
}
|
|
257
141
|
|
|
258
142
|
T *begin() { return data_; }
|
|
259
143
|
const T *begin() const { return data_; }
|
|
@@ -265,9 +149,7 @@ class Array {
|
|
|
265
149
|
// Reset releases the current contents of the array and takes ownership of the
|
|
266
150
|
// raw pointer supplied by the caller.
|
|
267
151
|
void Reset(T *new_data, size_t new_size) {
|
|
268
|
-
|
|
269
|
-
data_[i].~T();
|
|
270
|
-
}
|
|
152
|
+
std::destroy_n(data_, size_);
|
|
271
153
|
OPENSSL_free(data_);
|
|
272
154
|
data_ = new_data;
|
|
273
155
|
size_ = new_size;
|
|
@@ -283,38 +165,35 @@ class Array {
|
|
|
283
165
|
}
|
|
284
166
|
|
|
285
167
|
// Init replaces the array with a newly-allocated array of |new_size|
|
|
286
|
-
//
|
|
287
|
-
// error.
|
|
288
|
-
//
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
Reset();
|
|
292
|
-
if (new_size == 0) {
|
|
293
|
-
return true;
|
|
294
|
-
}
|
|
295
|
-
|
|
296
|
-
if (new_size > std::numeric_limits<size_t>::max() / sizeof(T)) {
|
|
297
|
-
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
|
|
168
|
+
// value-constructed copies of |T|. It returns true on success and false on
|
|
169
|
+
// error. If |T| is a primitive type like |uint8_t|, value-construction means
|
|
170
|
+
// it will be zero-initialized.
|
|
171
|
+
[[nodiscard]] bool Init(size_t new_size) {
|
|
172
|
+
if (!InitUninitialized(new_size)) {
|
|
298
173
|
return false;
|
|
299
174
|
}
|
|
300
|
-
data_
|
|
301
|
-
|
|
175
|
+
std::uninitialized_value_construct_n(data_, size_);
|
|
176
|
+
return true;
|
|
177
|
+
}
|
|
178
|
+
|
|
179
|
+
// InitForOverwrite behaves like |Init| but it default-constructs each element
|
|
180
|
+
// instead. This means that, if |T| is a primitive type, the array will be
|
|
181
|
+
// uninitialized and thus must be filled in by the caller.
|
|
182
|
+
[[nodiscard]] bool InitForOverwrite(size_t new_size) {
|
|
183
|
+
if (!InitUninitialized(new_size)) {
|
|
302
184
|
return false;
|
|
303
185
|
}
|
|
304
|
-
size_
|
|
305
|
-
for (size_t i = 0; i < size_; i++) {
|
|
306
|
-
new (&data_[i]) T;
|
|
307
|
-
}
|
|
186
|
+
std::uninitialized_default_construct_n(data_, size_);
|
|
308
187
|
return true;
|
|
309
188
|
}
|
|
310
189
|
|
|
311
190
|
// CopyFrom replaces the array with a newly-allocated copy of |in|. It returns
|
|
312
191
|
// true on success and false on error.
|
|
313
|
-
bool CopyFrom(Span<const T> in) {
|
|
314
|
-
if (!
|
|
192
|
+
[[nodiscard]] bool CopyFrom(Span<const T> in) {
|
|
193
|
+
if (!InitUninitialized(in.size())) {
|
|
315
194
|
return false;
|
|
316
195
|
}
|
|
317
|
-
std::
|
|
196
|
+
std::uninitialized_copy(in.begin(), in.end(), data_);
|
|
318
197
|
return true;
|
|
319
198
|
}
|
|
320
199
|
|
|
@@ -324,75 +203,103 @@ class Array {
|
|
|
324
203
|
if (new_size > size_) {
|
|
325
204
|
abort();
|
|
326
205
|
}
|
|
327
|
-
|
|
328
|
-
data_[i].~T();
|
|
329
|
-
}
|
|
206
|
+
std::destroy_n(data_ + new_size, size_ - new_size);
|
|
330
207
|
size_ = new_size;
|
|
331
208
|
}
|
|
332
209
|
|
|
333
210
|
private:
|
|
211
|
+
// InitUninitialized replaces the array with a newly-allocated array of
|
|
212
|
+
// |new_size| elements, but whose constructor has not yet run. On success, the
|
|
213
|
+
// elements must be constructed before returning control to the caller.
|
|
214
|
+
bool InitUninitialized(size_t new_size) {
|
|
215
|
+
Reset();
|
|
216
|
+
if (new_size == 0) {
|
|
217
|
+
return true;
|
|
218
|
+
}
|
|
219
|
+
|
|
220
|
+
if (new_size > std::numeric_limits<size_t>::max() / sizeof(T)) {
|
|
221
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
|
|
222
|
+
return false;
|
|
223
|
+
}
|
|
224
|
+
data_ = reinterpret_cast<T *>(OPENSSL_malloc(new_size * sizeof(T)));
|
|
225
|
+
if (data_ == nullptr) {
|
|
226
|
+
return false;
|
|
227
|
+
}
|
|
228
|
+
size_ = new_size;
|
|
229
|
+
return true;
|
|
230
|
+
}
|
|
231
|
+
|
|
334
232
|
T *data_ = nullptr;
|
|
335
233
|
size_t size_ = 0;
|
|
336
234
|
};
|
|
337
235
|
|
|
338
|
-
//
|
|
339
|
-
// Array<T>. When necessary, pushing will automatically trigger a resize.
|
|
340
|
-
//
|
|
341
|
-
// Note, for simplicity, this class currently differs from |std::vector| in that
|
|
342
|
-
// |T| must be efficiently default-constructible. Allocated elements beyond the
|
|
343
|
-
// end of the array are constructed and destructed.
|
|
236
|
+
// Vector<T> is a resizable array of elements of |T|.
|
|
344
237
|
template <typename T>
|
|
345
|
-
class
|
|
238
|
+
class Vector {
|
|
346
239
|
public:
|
|
347
|
-
|
|
348
|
-
|
|
349
|
-
|
|
350
|
-
~
|
|
351
|
-
|
|
352
|
-
|
|
353
|
-
|
|
354
|
-
|
|
355
|
-
other.
|
|
356
|
-
|
|
240
|
+
Vector() = default;
|
|
241
|
+
Vector(const Vector &) = delete;
|
|
242
|
+
Vector(Vector &&other) { *this = std::move(other); }
|
|
243
|
+
~Vector() { clear(); }
|
|
244
|
+
|
|
245
|
+
Vector &operator=(const Vector &) = delete;
|
|
246
|
+
Vector &operator=(Vector &&other) {
|
|
247
|
+
clear();
|
|
248
|
+
std::swap(data_, other.data_);
|
|
249
|
+
std::swap(size_, other.size_);
|
|
250
|
+
std::swap(capacity_, other.capacity_);
|
|
357
251
|
return *this;
|
|
358
252
|
}
|
|
359
253
|
|
|
360
|
-
const T *data() const { return
|
|
361
|
-
T *data() { return
|
|
254
|
+
const T *data() const { return data_; }
|
|
255
|
+
T *data() { return data_; }
|
|
362
256
|
size_t size() const { return size_; }
|
|
363
257
|
bool empty() const { return size_ == 0; }
|
|
364
258
|
|
|
365
|
-
const T &operator[](size_t i) const {
|
|
366
|
-
|
|
259
|
+
const T &operator[](size_t i) const {
|
|
260
|
+
BSSL_CHECK(i < size_);
|
|
261
|
+
return data_[i];
|
|
262
|
+
}
|
|
263
|
+
T &operator[](size_t i) {
|
|
264
|
+
BSSL_CHECK(i < size_);
|
|
265
|
+
return data_[i];
|
|
266
|
+
}
|
|
367
267
|
|
|
368
|
-
T *begin() { return
|
|
369
|
-
const T *begin() const { return
|
|
370
|
-
T *end() { return
|
|
371
|
-
const T *end() const { return
|
|
268
|
+
T *begin() { return data_; }
|
|
269
|
+
const T *begin() const { return data_; }
|
|
270
|
+
T *end() { return data_ + size_; }
|
|
271
|
+
const T *end() const { return data_ + size_; }
|
|
372
272
|
|
|
373
273
|
void clear() {
|
|
274
|
+
std::destroy_n(data_, size_);
|
|
275
|
+
OPENSSL_free(data_);
|
|
276
|
+
data_ = nullptr;
|
|
374
277
|
size_ = 0;
|
|
375
|
-
|
|
278
|
+
capacity_ = 0;
|
|
376
279
|
}
|
|
377
280
|
|
|
378
281
|
// Push adds |elem| at the end of the internal array, growing if necessary. It
|
|
379
282
|
// returns false when allocation fails.
|
|
380
|
-
bool Push(T elem) {
|
|
283
|
+
[[nodiscard]] bool Push(T elem) {
|
|
381
284
|
if (!MaybeGrow()) {
|
|
382
285
|
return false;
|
|
383
286
|
}
|
|
384
|
-
|
|
287
|
+
new (&data_[size_]) T(std::move(elem));
|
|
385
288
|
size_++;
|
|
386
289
|
return true;
|
|
387
290
|
}
|
|
388
291
|
|
|
389
292
|
// CopyFrom replaces the contents of the array with a copy of |in|. It returns
|
|
390
293
|
// true on success and false on allocation error.
|
|
391
|
-
bool CopyFrom(Span<const T> in) {
|
|
392
|
-
|
|
294
|
+
[[nodiscard]] bool CopyFrom(Span<const T> in) {
|
|
295
|
+
Array<T> copy;
|
|
296
|
+
if (!copy.CopyFrom(in)) {
|
|
393
297
|
return false;
|
|
394
298
|
}
|
|
395
|
-
|
|
299
|
+
|
|
300
|
+
clear();
|
|
301
|
+
copy.Release(&data_, &size_);
|
|
302
|
+
capacity_ = size_;
|
|
396
303
|
return true;
|
|
397
304
|
}
|
|
398
305
|
|
|
@@ -400,39 +307,249 @@ class GrowableArray {
|
|
|
400
307
|
// If there is no room for one more element, creates a new backing array with
|
|
401
308
|
// double the size of the old one and copies elements over.
|
|
402
309
|
bool MaybeGrow() {
|
|
403
|
-
if (array_.size() == 0) {
|
|
404
|
-
return array_.Init(kDefaultSize);
|
|
405
|
-
}
|
|
406
310
|
// No need to grow if we have room for one more T.
|
|
407
|
-
if (size_ <
|
|
311
|
+
if (size_ < capacity_) {
|
|
408
312
|
return true;
|
|
409
313
|
}
|
|
410
|
-
|
|
411
|
-
if (
|
|
314
|
+
size_t new_capacity = kDefaultSize;
|
|
315
|
+
if (capacity_ > 0) {
|
|
316
|
+
// Double the array's size if it's safe to do so.
|
|
317
|
+
if (capacity_ > std::numeric_limits<size_t>::max() / 2) {
|
|
318
|
+
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
|
|
319
|
+
return false;
|
|
320
|
+
}
|
|
321
|
+
new_capacity = capacity_ * 2;
|
|
322
|
+
}
|
|
323
|
+
if (new_capacity > std::numeric_limits<size_t>::max() / sizeof(T)) {
|
|
412
324
|
OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
|
|
413
325
|
return false;
|
|
414
326
|
}
|
|
415
|
-
|
|
416
|
-
|
|
327
|
+
T *new_data =
|
|
328
|
+
reinterpret_cast<T *>(OPENSSL_malloc(new_capacity * sizeof(T)));
|
|
329
|
+
if (new_data == nullptr) {
|
|
417
330
|
return false;
|
|
418
331
|
}
|
|
419
|
-
|
|
420
|
-
|
|
421
|
-
|
|
422
|
-
|
|
423
|
-
|
|
332
|
+
size_t new_size = size_;
|
|
333
|
+
std::uninitialized_move(begin(), end(), new_data);
|
|
334
|
+
clear();
|
|
335
|
+
data_ = new_data;
|
|
336
|
+
size_ = new_size;
|
|
337
|
+
capacity_ = new_capacity;
|
|
424
338
|
return true;
|
|
425
339
|
}
|
|
426
340
|
|
|
427
|
-
//
|
|
341
|
+
// data_ is a pointer to |capacity_| objects of size |T|, the first |size_| of
|
|
342
|
+
// which are constructed.
|
|
343
|
+
T *data_ = nullptr;
|
|
344
|
+
// |size_| is the number of elements stored in this Vector.
|
|
428
345
|
size_t size_ = 0;
|
|
429
|
-
// |
|
|
430
|
-
|
|
431
|
-
Array<T> array_;
|
|
346
|
+
// |capacity_| is the number of elements allocated in this Vector.
|
|
347
|
+
size_t capacity_ = 0;
|
|
432
348
|
// |kDefaultSize| is the default initial size of the backing array.
|
|
433
349
|
static constexpr size_t kDefaultSize = 16;
|
|
434
350
|
};
|
|
435
351
|
|
|
352
|
+
// A PackedSize is an integer that can store values from 0 to N, represented as
|
|
353
|
+
// a minimal-width integer.
|
|
354
|
+
template <size_t N>
|
|
355
|
+
using PackedSize = std::conditional_t<
|
|
356
|
+
N <= 0xff, uint8_t,
|
|
357
|
+
std::conditional_t<N <= 0xffff, uint16_t,
|
|
358
|
+
std::conditional_t<N <= 0xffffffff, uint32_t, size_t>>>;
|
|
359
|
+
|
|
360
|
+
// An InplaceVector is like a Vector, but stores up to N elements inline in the
|
|
361
|
+
// object. It is inspired by std::inplace_vector in C++26.
|
|
362
|
+
template <typename T, size_t N>
|
|
363
|
+
class InplaceVector {
|
|
364
|
+
public:
|
|
365
|
+
InplaceVector() = default;
|
|
366
|
+
InplaceVector(const InplaceVector &other) { *this = other; }
|
|
367
|
+
InplaceVector(InplaceVector &&other) { *this = std::move(other); }
|
|
368
|
+
~InplaceVector() { clear(); }
|
|
369
|
+
InplaceVector &operator=(const InplaceVector &other) {
|
|
370
|
+
if (this != &other) {
|
|
371
|
+
CopyFrom(other);
|
|
372
|
+
}
|
|
373
|
+
return *this;
|
|
374
|
+
}
|
|
375
|
+
InplaceVector &operator=(InplaceVector &&other) {
|
|
376
|
+
clear();
|
|
377
|
+
std::uninitialized_move(other.begin(), other.end(), data());
|
|
378
|
+
size_ = other.size();
|
|
379
|
+
return *this;
|
|
380
|
+
}
|
|
381
|
+
|
|
382
|
+
const T *data() const { return reinterpret_cast<const T *>(storage_); }
|
|
383
|
+
T *data() { return reinterpret_cast<T *>(storage_); }
|
|
384
|
+
size_t size() const { return size_; }
|
|
385
|
+
static constexpr size_t capacity() { return N; }
|
|
386
|
+
bool empty() const { return size_ == 0; }
|
|
387
|
+
|
|
388
|
+
const T &operator[](size_t i) const {
|
|
389
|
+
BSSL_CHECK(i < size_);
|
|
390
|
+
return data()[i];
|
|
391
|
+
}
|
|
392
|
+
T &operator[](size_t i) {
|
|
393
|
+
BSSL_CHECK(i < size_);
|
|
394
|
+
return data()[i];
|
|
395
|
+
}
|
|
396
|
+
|
|
397
|
+
T *begin() { return data(); }
|
|
398
|
+
const T *begin() const { return data(); }
|
|
399
|
+
T *end() { return data() + size_; }
|
|
400
|
+
const T *end() const { return data() + size_; }
|
|
401
|
+
|
|
402
|
+
void clear() { Shrink(0); }
|
|
403
|
+
|
|
404
|
+
// Shrink resizes the vector to |new_size|, which must not be larger than the
|
|
405
|
+
// current size. Unlike |Resize|, this can be called when |T| is not
|
|
406
|
+
// default-constructible.
|
|
407
|
+
void Shrink(size_t new_size) {
|
|
408
|
+
BSSL_CHECK(new_size <= size_);
|
|
409
|
+
std::destroy_n(data() + new_size, size_ - new_size);
|
|
410
|
+
size_ = static_cast<PackedSize<N>>(new_size);
|
|
411
|
+
}
|
|
412
|
+
|
|
413
|
+
// TryResize resizes the vector to |new_size| and returns true, or returns
|
|
414
|
+
// false if |new_size| is too large. Any newly-added elements are
|
|
415
|
+
// value-initialized.
|
|
416
|
+
[[nodiscard]] bool TryResize(size_t new_size) {
|
|
417
|
+
if (new_size <= size_) {
|
|
418
|
+
Shrink(new_size);
|
|
419
|
+
return true;
|
|
420
|
+
}
|
|
421
|
+
if (new_size > capacity()) {
|
|
422
|
+
return false;
|
|
423
|
+
}
|
|
424
|
+
std::uninitialized_value_construct_n(data() + size_, new_size - size_);
|
|
425
|
+
size_ = static_cast<PackedSize<N>>(new_size);
|
|
426
|
+
return true;
|
|
427
|
+
}
|
|
428
|
+
|
|
429
|
+
// TryResizeForOverwrite behaves like |TryResize|, but newly-added elements
|
|
430
|
+
// are default-initialized, so POD types may contain uninitialized values that
|
|
431
|
+
// the caller is responsible for filling in.
|
|
432
|
+
[[nodiscard]] bool TryResizeForOverwrite(size_t new_size) {
|
|
433
|
+
if (new_size <= size_) {
|
|
434
|
+
Shrink(new_size);
|
|
435
|
+
return true;
|
|
436
|
+
}
|
|
437
|
+
if (new_size > capacity()) {
|
|
438
|
+
return false;
|
|
439
|
+
}
|
|
440
|
+
std::uninitialized_default_construct_n(data() + size_, new_size - size_);
|
|
441
|
+
size_ = static_cast<PackedSize<N>>(new_size);
|
|
442
|
+
return true;
|
|
443
|
+
}
|
|
444
|
+
|
|
445
|
+
// TryCopyFrom sets the vector to a copy of |in| and returns true, or returns
|
|
446
|
+
// false if |in| is too large.
|
|
447
|
+
[[nodiscard]] bool TryCopyFrom(Span<const T> in) {
|
|
448
|
+
if (in.size() > capacity()) {
|
|
449
|
+
return false;
|
|
450
|
+
}
|
|
451
|
+
clear();
|
|
452
|
+
std::uninitialized_copy(in.begin(), in.end(), data());
|
|
453
|
+
size_ = in.size();
|
|
454
|
+
return true;
|
|
455
|
+
}
|
|
456
|
+
|
|
457
|
+
// TryPushBack appends |val| to the vector and returns a pointer to the
|
|
458
|
+
// newly-inserted value, or nullptr if the vector is at capacity.
|
|
459
|
+
[[nodiscard]] T *TryPushBack(T val) {
|
|
460
|
+
if (size() >= capacity()) {
|
|
461
|
+
return nullptr;
|
|
462
|
+
}
|
|
463
|
+
T *ret = &data()[size_];
|
|
464
|
+
new (ret) T(std::move(val));
|
|
465
|
+
size_++;
|
|
466
|
+
return ret;
|
|
467
|
+
}
|
|
468
|
+
|
|
469
|
+
// The following methods behave like their |Try*| counterparts, but abort the
|
|
470
|
+
// program on failure.
|
|
471
|
+
void Resize(size_t size) { BSSL_CHECK(TryResize(size)); }
|
|
472
|
+
void ResizeForOverwrite(size_t size) {
|
|
473
|
+
BSSL_CHECK(TryResizeForOverwrite(size));
|
|
474
|
+
}
|
|
475
|
+
void CopyFrom(Span<const T> in) { BSSL_CHECK(TryCopyFrom(in)); }
|
|
476
|
+
T &PushBack(T val) {
|
|
477
|
+
T *ret = TryPushBack(std::move(val));
|
|
478
|
+
BSSL_CHECK(ret != nullptr);
|
|
479
|
+
return *ret;
|
|
480
|
+
}
|
|
481
|
+
|
|
482
|
+
template <typename Pred>
|
|
483
|
+
void EraseIf(Pred pred) {
|
|
484
|
+
// See if anything needs to be erased at all. This avoids a self-move.
|
|
485
|
+
auto iter = std::find_if(begin(), end(), pred);
|
|
486
|
+
if (iter == end()) {
|
|
487
|
+
return;
|
|
488
|
+
}
|
|
489
|
+
|
|
490
|
+
// Elements before the first to be erased may be left as-is.
|
|
491
|
+
size_t new_size = iter - begin();
|
|
492
|
+
// Swap all subsequent elements in if they are to be kept.
|
|
493
|
+
for (size_t i = new_size + 1; i < size(); i++) {
|
|
494
|
+
if (!pred((*this)[i])) {
|
|
495
|
+
(*this)[new_size] = std::move((*this)[i]);
|
|
496
|
+
new_size++;
|
|
497
|
+
}
|
|
498
|
+
}
|
|
499
|
+
|
|
500
|
+
Shrink(new_size);
|
|
501
|
+
}
|
|
502
|
+
|
|
503
|
+
private:
|
|
504
|
+
alignas(T) char storage_[sizeof(T[N])];
|
|
505
|
+
PackedSize<N> size_ = 0;
|
|
506
|
+
};
|
|
507
|
+
|
|
508
|
+
// An MRUQueue maintains a queue of up to |N| objects of type |T|. If the queue
|
|
509
|
+
// is at capacity, adding to the queue pops the least recently added element.
|
|
510
|
+
template <typename T, size_t N>
|
|
511
|
+
class MRUQueue {
|
|
512
|
+
public:
|
|
513
|
+
static constexpr bool kAllowUniquePtr = true;
|
|
514
|
+
|
|
515
|
+
MRUQueue() = default;
|
|
516
|
+
|
|
517
|
+
// If we ever need to make this type movable, we could. (The defaults almost
|
|
518
|
+
// work except we need |start_| to be reset when moved-from.)
|
|
519
|
+
MRUQueue(const MRUQueue &other) = delete;
|
|
520
|
+
MRUQueue &operator=(const MRUQueue &other) = delete;
|
|
521
|
+
|
|
522
|
+
bool empty() const { return size() == 0; }
|
|
523
|
+
size_t size() const { return storage_.size(); }
|
|
524
|
+
|
|
525
|
+
T &operator[](size_t i) {
|
|
526
|
+
BSSL_CHECK(i < size());
|
|
527
|
+
return storage_[(start_ + i) % N];
|
|
528
|
+
}
|
|
529
|
+
const T &operator[](size_t i) const {
|
|
530
|
+
return (*const_cast<MRUQueue *>(this))[i];
|
|
531
|
+
}
|
|
532
|
+
|
|
533
|
+
void Clear() {
|
|
534
|
+
storage_.clear();
|
|
535
|
+
start_ = 0;
|
|
536
|
+
}
|
|
537
|
+
|
|
538
|
+
void PushBack(T t) {
|
|
539
|
+
if (storage_.size() < N) {
|
|
540
|
+
assert(start_ == 0);
|
|
541
|
+
storage_.PushBack(std::move(t));
|
|
542
|
+
} else {
|
|
543
|
+
(*this)[0] = std::move(t);
|
|
544
|
+
start_ = (start_ + 1) % N;
|
|
545
|
+
}
|
|
546
|
+
}
|
|
547
|
+
|
|
548
|
+
private:
|
|
549
|
+
InplaceVector<T, N> storage_;
|
|
550
|
+
PackedSize<N> start_ = 0;
|
|
551
|
+
};
|
|
552
|
+
|
|
436
553
|
// CBBFinishArray behaves like |CBB_finish| but stores the result in an Array.
|
|
437
554
|
OPENSSL_EXPORT bool CBBFinishArray(CBB *cbb, Array<uint8_t> *out);
|
|
438
555
|
|
|
@@ -445,7 +562,7 @@ template <typename T, typename Name>
|
|
|
445
562
|
inline size_t GetAllNames(const char **out, size_t max_out,
|
|
446
563
|
Span<const char *const> fixed_names, Name(T::*name),
|
|
447
564
|
Span<const T> objects) {
|
|
448
|
-
auto span = bssl::
|
|
565
|
+
auto span = bssl::Span(out, max_out);
|
|
449
566
|
for (size_t i = 0; !span.empty() && i < fixed_names.size(); i++) {
|
|
450
567
|
span[0] = fixed_names[i];
|
|
451
568
|
span = span.subspan(1);
|
|
@@ -547,6 +664,11 @@ bool ssl_add_supported_versions(const SSL_HANDSHAKE *hs, CBB *cbb,
|
|
|
547
664
|
bool ssl_negotiate_version(SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
548
665
|
uint16_t *out_version, const CBS *peer_versions);
|
|
549
666
|
|
|
667
|
+
// ssl_has_final_version returns whether |ssl| has determined the final version.
|
|
668
|
+
// This may be used to distinguish the predictive 0-RTT version from the final
|
|
669
|
+
// one.
|
|
670
|
+
bool ssl_has_final_version(const SSL *ssl);
|
|
671
|
+
|
|
550
672
|
// ssl_protocol_version returns |ssl|'s protocol version. It is an error to
|
|
551
673
|
// call this function before the version is determined.
|
|
552
674
|
uint16_t ssl_protocol_version(const SSL *ssl);
|
|
@@ -671,7 +793,7 @@ Span<const SSL_CIPHER> AllCiphers();
|
|
|
671
793
|
bool ssl_cipher_get_evp_aead(const EVP_AEAD **out_aead,
|
|
672
794
|
size_t *out_mac_secret_len,
|
|
673
795
|
size_t *out_fixed_iv_len, const SSL_CIPHER *cipher,
|
|
674
|
-
uint16_t version
|
|
796
|
+
uint16_t version);
|
|
675
797
|
|
|
676
798
|
// ssl_get_handshake_digest returns the |EVP_MD| corresponding to |version| and
|
|
677
799
|
// |cipher|.
|
|
@@ -732,7 +854,7 @@ OPENSSL_EXPORT bool ssl_cipher_is_deprecated(const SSL_CIPHER *cipher);
|
|
|
732
854
|
// buffer and running hash.
|
|
733
855
|
class SSLTranscript {
|
|
734
856
|
public:
|
|
735
|
-
SSLTranscript();
|
|
857
|
+
explicit SSLTranscript(bool is_dtls);
|
|
736
858
|
~SSLTranscript();
|
|
737
859
|
|
|
738
860
|
SSLTranscript(SSLTranscript &&other) = default;
|
|
@@ -763,8 +885,8 @@ class SSLTranscript {
|
|
|
763
885
|
bool CopyToHashContext(EVP_MD_CTX *ctx, const EVP_MD *digest) const;
|
|
764
886
|
|
|
765
887
|
Span<const uint8_t> buffer() const {
|
|
766
|
-
return
|
|
767
|
-
|
|
888
|
+
return Span(reinterpret_cast<const uint8_t *>(buffer_->data),
|
|
889
|
+
buffer_->length);
|
|
768
890
|
}
|
|
769
891
|
|
|
770
892
|
// FreeBuffer releases the handshake buffer. Subsequent calls to
|
|
@@ -795,17 +917,30 @@ class SSLTranscript {
|
|
|
795
917
|
bool from_server) const;
|
|
796
918
|
|
|
797
919
|
private:
|
|
920
|
+
// HashBuffer initializes |ctx| to use |digest| and writes the contents of
|
|
921
|
+
// |buffer_| to |ctx|. If this SSLTranscript is for DTLS 1.3, the appropriate
|
|
922
|
+
// bytes in |buffer_| will be skipped when hashing the buffer.
|
|
923
|
+
bool HashBuffer(EVP_MD_CTX *ctx, const EVP_MD *digest) const;
|
|
924
|
+
|
|
925
|
+
// AddToBufferOrHash directly adds the contents of |in| to |buffer_| and/or
|
|
926
|
+
// |hash_|.
|
|
927
|
+
bool AddToBufferOrHash(Span<const uint8_t> in);
|
|
928
|
+
|
|
798
929
|
// buffer_, if non-null, contains the handshake transcript.
|
|
799
930
|
UniquePtr<BUF_MEM> buffer_;
|
|
800
931
|
// hash, if initialized with an |EVP_MD|, maintains the handshake hash.
|
|
801
932
|
ScopedEVP_MD_CTX hash_;
|
|
933
|
+
// is_dtls_ indicates whether this is a transcript for a DTLS connection.
|
|
934
|
+
bool is_dtls_ : 1;
|
|
935
|
+
// version_ contains the version for the connection (if known).
|
|
936
|
+
uint16_t version_ = 0;
|
|
802
937
|
};
|
|
803
938
|
|
|
804
939
|
// tls1_prf computes the PRF function for |ssl|. It fills |out|, using |secret|
|
|
805
940
|
// as the secret and |label| as the label. |seed1| and |seed2| are concatenated
|
|
806
941
|
// to form the seed parameter. It returns true on success and false on failure.
|
|
807
942
|
bool tls1_prf(const EVP_MD *digest, Span<uint8_t> out,
|
|
808
|
-
Span<const uint8_t> secret,
|
|
943
|
+
Span<const uint8_t> secret, std::string_view label,
|
|
809
944
|
Span<const uint8_t> seed1, Span<const uint8_t> seed2);
|
|
810
945
|
|
|
811
946
|
|
|
@@ -815,7 +950,7 @@ bool tls1_prf(const EVP_MD *digest, Span<uint8_t> out,
|
|
|
815
950
|
// encrypt an SSL connection.
|
|
816
951
|
class SSLAEADContext {
|
|
817
952
|
public:
|
|
818
|
-
SSLAEADContext(
|
|
953
|
+
explicit SSLAEADContext(const SSL_CIPHER *cipher);
|
|
819
954
|
~SSLAEADContext();
|
|
820
955
|
static constexpr bool kAllowUniquePtr = true;
|
|
821
956
|
|
|
@@ -823,38 +958,23 @@ class SSLAEADContext {
|
|
|
823
958
|
SSLAEADContext &operator=(const SSLAEADContext &&) = delete;
|
|
824
959
|
|
|
825
960
|
// CreateNullCipher creates an |SSLAEADContext| for the null cipher.
|
|
826
|
-
static UniquePtr<SSLAEADContext> CreateNullCipher(
|
|
961
|
+
static UniquePtr<SSLAEADContext> CreateNullCipher();
|
|
827
962
|
|
|
828
963
|
// Create creates an |SSLAEADContext| using the supplied key material. It
|
|
829
964
|
// returns nullptr on error. Only one of |Open| or |Seal| may be used with the
|
|
830
|
-
// resulting object, depending on |direction|. |version| is the
|
|
831
|
-
// protocol version, so DTLS 1.0 is represented as 0x0301, not 0xffef.
|
|
965
|
+
// resulting object, depending on |direction|. |version| is the wire version.
|
|
832
966
|
static UniquePtr<SSLAEADContext> Create(enum evp_aead_direction_t direction,
|
|
833
|
-
uint16_t version,
|
|
967
|
+
uint16_t version,
|
|
834
968
|
const SSL_CIPHER *cipher,
|
|
835
969
|
Span<const uint8_t> enc_key,
|
|
836
970
|
Span<const uint8_t> mac_key,
|
|
837
971
|
Span<const uint8_t> fixed_iv);
|
|
838
972
|
|
|
839
973
|
// CreatePlaceholderForQUIC creates a placeholder |SSLAEADContext| for the
|
|
840
|
-
// given cipher
|
|
841
|
-
//
|
|
974
|
+
// given cipher. The resulting object can be queried for various properties
|
|
975
|
+
// but cannot encrypt or decrypt data.
|
|
842
976
|
static UniquePtr<SSLAEADContext> CreatePlaceholderForQUIC(
|
|
843
|
-
|
|
844
|
-
|
|
845
|
-
// SetVersionIfNullCipher sets the version the SSLAEADContext for the null
|
|
846
|
-
// cipher, to make version-specific determinations in the record layer prior
|
|
847
|
-
// to a cipher being selected.
|
|
848
|
-
void SetVersionIfNullCipher(uint16_t version);
|
|
849
|
-
|
|
850
|
-
// ProtocolVersion returns the protocol version associated with this
|
|
851
|
-
// SSLAEADContext. It can only be called once |version_| has been set to a
|
|
852
|
-
// valid value.
|
|
853
|
-
uint16_t ProtocolVersion() const;
|
|
854
|
-
|
|
855
|
-
// RecordVersion returns the record version that should be used with this
|
|
856
|
-
// SSLAEADContext for record construction and crypto.
|
|
857
|
-
uint16_t RecordVersion() const;
|
|
977
|
+
const SSL_CIPHER *cipher);
|
|
858
978
|
|
|
859
979
|
const SSL_CIPHER *cipher() const { return cipher_; }
|
|
860
980
|
|
|
@@ -867,6 +987,10 @@ class SSLAEADContext {
|
|
|
867
987
|
// MaxOverhead returns the maximum overhead of calling |Seal|.
|
|
868
988
|
size_t MaxOverhead() const;
|
|
869
989
|
|
|
990
|
+
// MaxSealInputLen returns the maximum length for |Seal| that can fit in
|
|
991
|
+
// |max_out| output bytes, or zero if no input may fit.
|
|
992
|
+
size_t MaxSealInputLen(size_t max_out) const;
|
|
993
|
+
|
|
870
994
|
// SuffixLen calculates the suffix length written by |SealScatter| and writes
|
|
871
995
|
// it to |*out_suffix_len|. It returns true on success and false on error.
|
|
872
996
|
// |in_len| and |extra_in_len| should equal the argument of the same names
|
|
@@ -928,12 +1052,8 @@ class SSLAEADContext {
|
|
|
928
1052
|
ScopedEVP_AEAD_CTX ctx_;
|
|
929
1053
|
// fixed_nonce_ contains any bytes of the nonce that are fixed for all
|
|
930
1054
|
// records.
|
|
931
|
-
uint8_t fixed_nonce_
|
|
932
|
-
uint8_t
|
|
933
|
-
// version_ is the wire version that should be used with this AEAD.
|
|
934
|
-
uint16_t version_;
|
|
935
|
-
// is_dtls_ is whether DTLS is being used with this AEAD.
|
|
936
|
-
bool is_dtls_;
|
|
1055
|
+
InplaceVector<uint8_t, 12> fixed_nonce_;
|
|
1056
|
+
uint8_t variable_nonce_len_ = 0;
|
|
937
1057
|
// variable_nonce_included_in_record_ is true if the variable nonce
|
|
938
1058
|
// for a record is included as a prefix before the ciphertext.
|
|
939
1059
|
bool variable_nonce_included_in_record_ : 1;
|
|
@@ -954,20 +1074,122 @@ class SSLAEADContext {
|
|
|
954
1074
|
|
|
955
1075
|
// DTLS replay bitmap.
|
|
956
1076
|
|
|
957
|
-
//
|
|
958
|
-
// replayed packets.
|
|
959
|
-
|
|
1077
|
+
// DTLSReplayBitmap maintains a sliding window of sequence numbers to detect
|
|
1078
|
+
// replayed packets.
|
|
1079
|
+
class DTLSReplayBitmap {
|
|
1080
|
+
public:
|
|
1081
|
+
// ShouldDiscard returns true if |seq_num| has been seen in
|
|
1082
|
+
// |bitmap| or is stale. Otherwise it returns false.
|
|
1083
|
+
bool ShouldDiscard(uint64_t seqnum) const;
|
|
1084
|
+
|
|
1085
|
+
// Record updates the bitmap to record receipt of sequence number
|
|
1086
|
+
// |seq_num|. It slides the window forward if needed. It is an error to call
|
|
1087
|
+
// this function on a stale sequence number.
|
|
1088
|
+
void Record(uint64_t seqnum);
|
|
1089
|
+
|
|
1090
|
+
uint64_t max_seq_num() const { return max_seq_num_; }
|
|
1091
|
+
|
|
1092
|
+
private:
|
|
960
1093
|
// map is a bitset of sequence numbers that have been seen. Bit i corresponds
|
|
961
|
-
// to |
|
|
962
|
-
std::bitset<256>
|
|
963
|
-
//
|
|
1094
|
+
// to |max_seq_num_ - i|.
|
|
1095
|
+
std::bitset<256> map_;
|
|
1096
|
+
// max_seq_num_ is the largest sequence number seen so far as a 64-bit
|
|
964
1097
|
// integer.
|
|
965
|
-
uint64_t
|
|
1098
|
+
uint64_t max_seq_num_ = 0;
|
|
966
1099
|
};
|
|
967
1100
|
|
|
1101
|
+
// reconstruct_seqnum takes the low order bits of a record sequence number from
|
|
1102
|
+
// the wire and reconstructs the full sequence number. It does so using the
|
|
1103
|
+
// algorithm described in section 4.2.2 of RFC 9147, where |wire_seq| is the
|
|
1104
|
+
// low bits of the sequence number as seen on the wire, |seq_mask| is a bitmask
|
|
1105
|
+
// of 8 or 16 1 bits corresponding to the length of the sequence number on the
|
|
1106
|
+
// wire, and |max_valid_seqnum| is the largest sequence number of a record
|
|
1107
|
+
// successfully deprotected in this epoch. This function returns the sequence
|
|
1108
|
+
// number that is numerically closest to one plus |max_valid_seqnum| that when
|
|
1109
|
+
// bitwise and-ed with |seq_mask| equals |wire_seq|.
|
|
1110
|
+
//
|
|
1111
|
+
// |max_valid_seqnum| must be most 2^48-1, in which case the output will also be
|
|
1112
|
+
// at most 2^48-1.
|
|
1113
|
+
OPENSSL_EXPORT uint64_t reconstruct_seqnum(uint16_t wire_seq, uint64_t seq_mask,
|
|
1114
|
+
uint64_t max_valid_seqnum);
|
|
1115
|
+
|
|
968
1116
|
|
|
969
1117
|
// Record layer.
|
|
970
1118
|
|
|
1119
|
+
class DTLSRecordNumber {
|
|
1120
|
+
public:
|
|
1121
|
+
static constexpr uint64_t kMaxSequence = (uint64_t{1} << 48) - 1;
|
|
1122
|
+
|
|
1123
|
+
DTLSRecordNumber() = default;
|
|
1124
|
+
DTLSRecordNumber(uint16_t epoch, uint64_t sequence) {
|
|
1125
|
+
BSSL_CHECK(sequence <= kMaxSequence);
|
|
1126
|
+
combined_ = (uint64_t{epoch} << 48) | sequence;
|
|
1127
|
+
}
|
|
1128
|
+
|
|
1129
|
+
static DTLSRecordNumber FromCombined(uint64_t combined) {
|
|
1130
|
+
return DTLSRecordNumber(combined);
|
|
1131
|
+
}
|
|
1132
|
+
|
|
1133
|
+
bool operator==(DTLSRecordNumber r) const {
|
|
1134
|
+
return combined() == r.combined();
|
|
1135
|
+
}
|
|
1136
|
+
bool operator!=(DTLSRecordNumber r) const { return !((*this) == r); }
|
|
1137
|
+
bool operator<(DTLSRecordNumber r) const { return combined() < r.combined(); }
|
|
1138
|
+
|
|
1139
|
+
uint64_t combined() const { return combined_; }
|
|
1140
|
+
uint16_t epoch() const { return combined_ >> 48; }
|
|
1141
|
+
uint64_t sequence() const { return combined_ & kMaxSequence; }
|
|
1142
|
+
|
|
1143
|
+
bool HasNext() const { return sequence() < kMaxSequence; }
|
|
1144
|
+
DTLSRecordNumber Next() const {
|
|
1145
|
+
BSSL_CHECK(HasNext());
|
|
1146
|
+
// This will not overflow into the epoch.
|
|
1147
|
+
return DTLSRecordNumber::FromCombined(combined_ + 1);
|
|
1148
|
+
}
|
|
1149
|
+
|
|
1150
|
+
private:
|
|
1151
|
+
explicit DTLSRecordNumber(uint64_t combined) : combined_(combined) {}
|
|
1152
|
+
|
|
1153
|
+
uint64_t combined_ = 0;
|
|
1154
|
+
};
|
|
1155
|
+
|
|
1156
|
+
class RecordNumberEncrypter {
|
|
1157
|
+
public:
|
|
1158
|
+
static constexpr bool kAllowUniquePtr = true;
|
|
1159
|
+
static constexpr size_t kMaxKeySize = 32;
|
|
1160
|
+
|
|
1161
|
+
// Create returns a DTLS 1.3 record number encrypter for |traffic_secret|, or
|
|
1162
|
+
// nullptr on error.
|
|
1163
|
+
static UniquePtr<RecordNumberEncrypter> Create(
|
|
1164
|
+
const SSL_CIPHER *cipher, Span<const uint8_t> traffic_secret);
|
|
1165
|
+
|
|
1166
|
+
virtual ~RecordNumberEncrypter() = default;
|
|
1167
|
+
virtual size_t KeySize() = 0;
|
|
1168
|
+
virtual bool SetKey(Span<const uint8_t> key) = 0;
|
|
1169
|
+
virtual bool GenerateMask(Span<uint8_t> out, Span<const uint8_t> sample) = 0;
|
|
1170
|
+
};
|
|
1171
|
+
|
|
1172
|
+
struct DTLSReadEpoch {
|
|
1173
|
+
static constexpr bool kAllowUniquePtr = true;
|
|
1174
|
+
|
|
1175
|
+
// TODO(davidben): This could be made slightly more compact if |bitmap| stored
|
|
1176
|
+
// a DTLSRecordNumber.
|
|
1177
|
+
uint16_t epoch = 0;
|
|
1178
|
+
UniquePtr<SSLAEADContext> aead;
|
|
1179
|
+
UniquePtr<RecordNumberEncrypter> rn_encrypter;
|
|
1180
|
+
DTLSReplayBitmap bitmap;
|
|
1181
|
+
};
|
|
1182
|
+
|
|
1183
|
+
struct DTLSWriteEpoch {
|
|
1184
|
+
static constexpr bool kAllowUniquePtr = true;
|
|
1185
|
+
|
|
1186
|
+
uint16_t epoch() const { return next_record.epoch(); }
|
|
1187
|
+
|
|
1188
|
+
DTLSRecordNumber next_record;
|
|
1189
|
+
UniquePtr<SSLAEADContext> aead;
|
|
1190
|
+
UniquePtr<RecordNumberEncrypter> rn_encrypter;
|
|
1191
|
+
};
|
|
1192
|
+
|
|
971
1193
|
// ssl_record_prefix_len returns the length of the prefix before the ciphertext
|
|
972
1194
|
// of a record for |ssl|.
|
|
973
1195
|
//
|
|
@@ -1012,23 +1234,17 @@ enum ssl_open_record_t tls_open_record(SSL *ssl, uint8_t *out_type,
|
|
|
1012
1234
|
|
|
1013
1235
|
// dtls_open_record implements |tls_open_record| for DTLS. It only returns
|
|
1014
1236
|
// |ssl_open_record_partial| if |in| was empty and sets |*out_consumed| to
|
|
1015
|
-
// zero. The caller should read one packet and try again.
|
|
1237
|
+
// zero. The caller should read one packet and try again. On success,
|
|
1238
|
+
// |*out_number| is set to the record number of the record.
|
|
1016
1239
|
enum ssl_open_record_t dtls_open_record(SSL *ssl, uint8_t *out_type,
|
|
1240
|
+
DTLSRecordNumber *out_number,
|
|
1017
1241
|
Span<uint8_t> *out,
|
|
1018
1242
|
size_t *out_consumed,
|
|
1019
1243
|
uint8_t *out_alert, Span<uint8_t> in);
|
|
1020
1244
|
|
|
1021
|
-
//
|
|
1022
|
-
//
|
|
1023
|
-
|
|
1024
|
-
//
|
|
1025
|
-
// Note when TLS 1.0 CBC record-splitting is enabled, this includes the one byte
|
|
1026
|
-
// record and is the offset into second record's ciphertext. Thus sealing a
|
|
1027
|
-
// small record may result in a smaller output than this value.
|
|
1028
|
-
//
|
|
1029
|
-
// TODO(davidben): Is this alignment valuable? Record-splitting makes this a
|
|
1030
|
-
// mess.
|
|
1031
|
-
size_t ssl_seal_align_prefix_len(const SSL *ssl);
|
|
1245
|
+
// ssl_needs_record_splitting returns one if |ssl|'s current outgoing cipher
|
|
1246
|
+
// state needs record-splitting and zero otherwise.
|
|
1247
|
+
bool ssl_needs_record_splitting(const SSL *ssl);
|
|
1032
1248
|
|
|
1033
1249
|
// tls_seal_record seals a new record of type |type| and body |in| and writes it
|
|
1034
1250
|
// to |out|. At most |max_out| bytes will be written. It returns true on success
|
|
@@ -1036,7 +1252,7 @@ size_t ssl_seal_align_prefix_len(const SSL *ssl);
|
|
|
1036
1252
|
// 1/n-1 record splitting and may write two records concatenated.
|
|
1037
1253
|
//
|
|
1038
1254
|
// For a large record, the bulk of the ciphertext will begin
|
|
1039
|
-
// |
|
|
1255
|
+
// |tls_seal_align_prefix_len| bytes into out. Aligning |out| appropriately may
|
|
1040
1256
|
// improve performance. It writes at most |in_len| + |SSL_max_seal_overhead|
|
|
1041
1257
|
// bytes to |out|.
|
|
1042
1258
|
//
|
|
@@ -1044,6 +1260,10 @@ size_t ssl_seal_align_prefix_len(const SSL *ssl);
|
|
|
1044
1260
|
bool tls_seal_record(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out,
|
|
1045
1261
|
uint8_t type, const uint8_t *in, size_t in_len);
|
|
1046
1262
|
|
|
1263
|
+
// dtls_record_header_write_len returns the length of the record header that
|
|
1264
|
+
// will be written at |epoch|.
|
|
1265
|
+
size_t dtls_record_header_write_len(const SSL *ssl, uint16_t epoch);
|
|
1266
|
+
|
|
1047
1267
|
// dtls_max_seal_overhead returns the maximum overhead, in bytes, of sealing a
|
|
1048
1268
|
// record.
|
|
1049
1269
|
size_t dtls_max_seal_overhead(const SSL *ssl, uint16_t epoch);
|
|
@@ -1052,13 +1272,18 @@ size_t dtls_max_seal_overhead(const SSL *ssl, uint16_t epoch);
|
|
|
1052
1272
|
// front of the plaintext when sealing a record in-place.
|
|
1053
1273
|
size_t dtls_seal_prefix_len(const SSL *ssl, uint16_t epoch);
|
|
1054
1274
|
|
|
1275
|
+
// dtls_seal_max_input_len returns the maximum number of input bytes that can
|
|
1276
|
+
// fit in a record of up to |max_out| bytes, or zero if none may fit.
|
|
1277
|
+
size_t dtls_seal_max_input_len(const SSL *ssl, uint16_t epoch, size_t max_out);
|
|
1278
|
+
|
|
1055
1279
|
// dtls_seal_record implements |tls_seal_record| for DTLS. |epoch| selects which
|
|
1056
1280
|
// epoch's cipher state to use. Unlike |tls_seal_record|, |in| and |out| may
|
|
1057
1281
|
// alias but, if they do, |in| must be exactly |dtls_seal_prefix_len| bytes
|
|
1058
|
-
// ahead of |out|.
|
|
1059
|
-
|
|
1060
|
-
|
|
1061
|
-
|
|
1282
|
+
// ahead of |out|. On success, |*out_number| is set to the record number of the
|
|
1283
|
+
// record.
|
|
1284
|
+
bool dtls_seal_record(SSL *ssl, DTLSRecordNumber *out_number, uint8_t *out,
|
|
1285
|
+
size_t *out_len, size_t max_out, uint8_t type,
|
|
1286
|
+
const uint8_t *in, size_t in_len, uint16_t epoch);
|
|
1062
1287
|
|
|
1063
1288
|
// ssl_process_alert processes |in| as an alert and updates |ssl|'s shutdown
|
|
1064
1289
|
// state. It returns one of |ssl_open_record_discard|, |ssl_open_record_error|,
|
|
@@ -1130,8 +1355,7 @@ class SSLKeyShare {
|
|
|
1130
1355
|
// |out_ciphertext|, and sets |*out_secret| to the shared secret. On failure,
|
|
1131
1356
|
// it returns false and sets |*out_alert| to an alert to send to the peer.
|
|
1132
1357
|
virtual bool Encap(CBB *out_ciphertext, Array<uint8_t> *out_secret,
|
|
1133
|
-
uint8_t *out_alert,
|
|
1134
|
-
Span<const uint8_t> peer_key) = 0;
|
|
1358
|
+
uint8_t *out_alert, Span<const uint8_t> peer_key) = 0;
|
|
1135
1359
|
|
|
1136
1360
|
// Decap decapsulates the symmetric secret in |ciphertext|. On success, it
|
|
1137
1361
|
// returns true and sets |*out_secret| to the shared secret. On failure, it
|
|
@@ -1217,21 +1441,13 @@ bool dtls_has_unprocessed_handshake_data(const SSL *ssl);
|
|
|
1217
1441
|
// tls_flush_pending_hs_data flushes any handshake plaintext data.
|
|
1218
1442
|
bool tls_flush_pending_hs_data(SSL *ssl);
|
|
1219
1443
|
|
|
1220
|
-
struct DTLS_OUTGOING_MESSAGE {
|
|
1221
|
-
DTLS_OUTGOING_MESSAGE() {}
|
|
1222
|
-
DTLS_OUTGOING_MESSAGE(const DTLS_OUTGOING_MESSAGE &) = delete;
|
|
1223
|
-
DTLS_OUTGOING_MESSAGE &operator=(const DTLS_OUTGOING_MESSAGE &) = delete;
|
|
1224
|
-
|
|
1225
|
-
void Clear();
|
|
1226
|
-
|
|
1227
|
-
Array<uint8_t> data;
|
|
1228
|
-
uint16_t epoch = 0;
|
|
1229
|
-
bool is_ccs = false;
|
|
1230
|
-
};
|
|
1231
|
-
|
|
1232
1444
|
// dtls_clear_outgoing_messages releases all buffered outgoing messages.
|
|
1233
1445
|
void dtls_clear_outgoing_messages(SSL *ssl);
|
|
1234
1446
|
|
|
1447
|
+
// dtls_clear_unused_write_epochs releases any write epochs that are no longer
|
|
1448
|
+
// needed.
|
|
1449
|
+
void dtls_clear_unused_write_epochs(SSL *ssl);
|
|
1450
|
+
|
|
1235
1451
|
|
|
1236
1452
|
// Callbacks.
|
|
1237
1453
|
|
|
@@ -1258,11 +1474,9 @@ class SSLBuffer {
|
|
|
1258
1474
|
bool empty() const { return size_ == 0; }
|
|
1259
1475
|
size_t cap() const { return cap_; }
|
|
1260
1476
|
|
|
1261
|
-
Span<uint8_t> span() { return
|
|
1477
|
+
Span<uint8_t> span() { return Span(data(), size()); }
|
|
1262
1478
|
|
|
1263
|
-
Span<uint8_t> remaining() {
|
|
1264
|
-
return MakeSpan(data() + size(), cap() - size());
|
|
1265
|
-
}
|
|
1479
|
+
Span<uint8_t> remaining() { return Span(data() + size(), cap() - size()); }
|
|
1266
1480
|
|
|
1267
1481
|
// Clear releases the buffer.
|
|
1268
1482
|
void Clear();
|
|
@@ -1297,9 +1511,6 @@ class SSLBuffer {
|
|
|
1297
1511
|
uint16_t cap_ = 0;
|
|
1298
1512
|
// inline_buf_ is a static buffer for short reads.
|
|
1299
1513
|
uint8_t inline_buf_[SSL3_RT_HEADER_LENGTH];
|
|
1300
|
-
// buf_allocated_ is true if |buf_| points to allocated data and must be freed
|
|
1301
|
-
// or false if it points into |inline_buf_|.
|
|
1302
|
-
bool buf_allocated_ = false;
|
|
1303
1514
|
};
|
|
1304
1515
|
|
|
1305
1516
|
// ssl_read_buffer_extend_to extends the read buffer to the desired length. For
|
|
@@ -1354,32 +1565,51 @@ enum ssl_key_usage_t {
|
|
|
1354
1565
|
OPENSSL_EXPORT bool ssl_cert_check_key_usage(const CBS *in,
|
|
1355
1566
|
enum ssl_key_usage_t bit);
|
|
1356
1567
|
|
|
1568
|
+
// ssl_cert_extract_issuer parses the DER-encoded, X.509 certificate in |in|
|
|
1569
|
+
// and extracts the issuer. On success it returns true and the DER encoded
|
|
1570
|
+
// issuer is in |out_dn|, otherwise it returns false.
|
|
1571
|
+
OPENSSL_EXPORT bool ssl_cert_extract_issuer(const CBS *in, CBS *out_dn);
|
|
1572
|
+
|
|
1573
|
+
// ssl_cert_matches_issuer parses the DER-encoded, X.509 certificate in |in|
|
|
1574
|
+
// and returns true if its issuer is an exact match for the DER encoded
|
|
1575
|
+
// distinguished name in |dn|
|
|
1576
|
+
bool ssl_cert_matches_issuer(const CBS *in, const CBS *dn);
|
|
1577
|
+
|
|
1357
1578
|
// ssl_cert_parse_pubkey extracts the public key from the DER-encoded, X.509
|
|
1358
1579
|
// certificate in |in|. It returns an allocated |EVP_PKEY| or else returns
|
|
1359
1580
|
// nullptr and pushes to the error queue.
|
|
1360
1581
|
UniquePtr<EVP_PKEY> ssl_cert_parse_pubkey(const CBS *in);
|
|
1361
1582
|
|
|
1362
|
-
//
|
|
1363
|
-
//
|
|
1364
|
-
// |CRYPTO_BUFFER| list and advances
|
|
1365
|
-
// sets |*out_alert| to an alert to
|
|
1366
|
-
|
|
1367
|
-
|
|
1368
|
-
|
|
1583
|
+
// SSL_parse_CA_list parses a CA list from |cbs| in the format used by a TLS
|
|
1584
|
+
// CertificateRequest message and Certificate Authorities extension. On success,
|
|
1585
|
+
// it returns a newly-allocated |CRYPTO_BUFFER| list and advances
|
|
1586
|
+
// |cbs|. Otherwise, it returns nullptr and sets |*out_alert| to an alert to
|
|
1587
|
+
// send to the peer.
|
|
1588
|
+
UniquePtr<STACK_OF(CRYPTO_BUFFER)> SSL_parse_CA_list(SSL *ssl,
|
|
1589
|
+
uint8_t *out_alert,
|
|
1590
|
+
CBS *cbs);
|
|
1369
1591
|
|
|
1370
|
-
// ssl_has_client_CAs returns there are configured CAs.
|
|
1592
|
+
// ssl_has_client_CAs returns whether there are configured CAs.
|
|
1371
1593
|
bool ssl_has_client_CAs(const SSL_CONFIG *cfg);
|
|
1372
1594
|
|
|
1373
1595
|
// ssl_add_client_CA_list adds the configured CA list to |cbb| in the format
|
|
1374
1596
|
// used by a TLS CertificateRequest message. It returns true on success and
|
|
1375
1597
|
// false on error.
|
|
1376
|
-
bool ssl_add_client_CA_list(SSL_HANDSHAKE *hs, CBB *cbb);
|
|
1598
|
+
bool ssl_add_client_CA_list(const SSL_HANDSHAKE *hs, CBB *cbb);
|
|
1599
|
+
|
|
1600
|
+
// ssl_has_CA_names returns whether there are configured CA names.
|
|
1601
|
+
bool ssl_has_CA_names(const SSL_CONFIG *cfg);
|
|
1602
|
+
|
|
1603
|
+
// ssl_add_CA_names adds the configured CA_names list to |cbb| in the format
|
|
1604
|
+
// used by a TLS Certificate Authorities extension. It returns true on success
|
|
1605
|
+
// and false on error.
|
|
1606
|
+
bool ssl_add_CA_names(const SSL_HANDSHAKE *hs, CBB *cbb);
|
|
1377
1607
|
|
|
1378
1608
|
// ssl_check_leaf_certificate returns one if |pkey| and |leaf| are suitable as
|
|
1379
1609
|
// a server's leaf certificate for |hs|. Otherwise, it returns zero and pushes
|
|
1380
1610
|
// an error on the error queue.
|
|
1381
1611
|
bool ssl_check_leaf_certificate(SSL_HANDSHAKE *hs, EVP_PKEY *pkey,
|
|
1382
|
-
|
|
1612
|
+
const CRYPTO_BUFFER *leaf);
|
|
1383
1613
|
|
|
1384
1614
|
|
|
1385
1615
|
// TLS 1.3 key derivation.
|
|
@@ -1431,7 +1661,7 @@ bool tls13_derive_resumption_secret(SSL_HANDSHAKE *hs);
|
|
|
1431
1661
|
// |exporter_secret|.
|
|
1432
1662
|
bool tls13_export_keying_material(SSL *ssl, Span<uint8_t> out,
|
|
1433
1663
|
Span<const uint8_t> secret,
|
|
1434
|
-
|
|
1664
|
+
std::string_view label,
|
|
1435
1665
|
Span<const uint8_t> context);
|
|
1436
1666
|
|
|
1437
1667
|
// tls13_finished_mac calculates the MAC of the handshake transcript to verify
|
|
@@ -1444,7 +1674,8 @@ bool tls13_finished_mac(SSL_HANDSHAKE *hs, uint8_t *out, size_t *out_len,
|
|
|
1444
1674
|
// tls13_derive_session_psk calculates the PSK for this session based on the
|
|
1445
1675
|
// resumption master secret and |nonce|. It returns true on success, and false
|
|
1446
1676
|
// on failure.
|
|
1447
|
-
bool tls13_derive_session_psk(SSL_SESSION *session, Span<const uint8_t> nonce
|
|
1677
|
+
bool tls13_derive_session_psk(SSL_SESSION *session, Span<const uint8_t> nonce,
|
|
1678
|
+
bool is_dtls);
|
|
1448
1679
|
|
|
1449
1680
|
// tls13_write_psk_binder calculates the PSK binder value over |transcript| and
|
|
1450
1681
|
// |msg|, and replaces the last bytes of |msg| with the resulting value. It
|
|
@@ -1594,6 +1825,8 @@ bool ssl_encrypt_client_hello(SSL_HANDSHAKE *hs, Span<const uint8_t> enc);
|
|
|
1594
1825
|
enum class SSLCredentialType {
|
|
1595
1826
|
kX509,
|
|
1596
1827
|
kDelegated,
|
|
1828
|
+
kSPAKE2PlusV1Client,
|
|
1829
|
+
kSPAKE2PlusV1Server,
|
|
1597
1830
|
};
|
|
1598
1831
|
|
|
1599
1832
|
BSSL_NAMESPACE_END
|
|
@@ -1605,7 +1838,7 @@ struct ssl_credential_st : public bssl::RefCounted<ssl_credential_st> {
|
|
|
1605
1838
|
ssl_credential_st &operator=(const ssl_credential_st &) = delete;
|
|
1606
1839
|
|
|
1607
1840
|
// Dup returns a copy of the credential, or nullptr on error. The |ex_data|
|
|
1608
|
-
// values are not copied. This is only used on the
|
|
1841
|
+
// values are not copied. This is only used on the legacy credential, whose
|
|
1609
1842
|
// |ex_data| is inaccessible.
|
|
1610
1843
|
bssl::UniquePtr<SSL_CREDENTIAL> Dup() const;
|
|
1611
1844
|
|
|
@@ -1639,6 +1872,10 @@ struct ssl_credential_st : public bssl::RefCounted<ssl_credential_st> {
|
|
|
1639
1872
|
// returns one on success and zero on error.
|
|
1640
1873
|
bool AppendIntermediateCert(bssl::UniquePtr<CRYPTO_BUFFER> cert);
|
|
1641
1874
|
|
|
1875
|
+
// ChainContainsIssuer returns true if |dn| is a byte for byte match with the
|
|
1876
|
+
// issuer of any certificate in |chain|, false otherwise.
|
|
1877
|
+
bool ChainContainsIssuer(bssl::Span<const uint8_t> dn) const;
|
|
1878
|
+
|
|
1642
1879
|
// type is the credential type and determines which other fields apply.
|
|
1643
1880
|
bssl::SSLCredentialType type;
|
|
1644
1881
|
|
|
@@ -1684,8 +1921,34 @@ struct ssl_credential_st : public bssl::RefCounted<ssl_credential_st> {
|
|
|
1684
1921
|
// OCSP response to be sent to the client, if requested.
|
|
1685
1922
|
bssl::UniquePtr<CRYPTO_BUFFER> ocsp_response;
|
|
1686
1923
|
|
|
1924
|
+
// SPAKE2+-specific information.
|
|
1925
|
+
bssl::Array<uint8_t> pake_context;
|
|
1926
|
+
bssl::Array<uint8_t> client_identity;
|
|
1927
|
+
bssl::Array<uint8_t> server_identity;
|
|
1928
|
+
bssl::Array<uint8_t> password_verifier_w0;
|
|
1929
|
+
bssl::Array<uint8_t> password_verifier_w1; // server-only
|
|
1930
|
+
bssl::Array<uint8_t> registration_record; // client-only
|
|
1931
|
+
mutable std::atomic<uint32_t> pake_limit;
|
|
1932
|
+
|
|
1933
|
+
// Checks whether there are still permitted PAKE attempts remaining, without
|
|
1934
|
+
// changing the counter.
|
|
1935
|
+
bool HasPAKEAttempts() const;
|
|
1936
|
+
|
|
1937
|
+
// Atomically decrement |pake_limit|. Return true if successful and false if
|
|
1938
|
+
// |pake_limit| is already zero.
|
|
1939
|
+
bool ClaimPAKEAttempt() const;
|
|
1940
|
+
|
|
1941
|
+
// Atomically increment |pake_limit|. This must be paired with a
|
|
1942
|
+
// |ClaimPAKEAttempt| call.
|
|
1943
|
+
void RestorePAKEAttempt() const;
|
|
1944
|
+
|
|
1687
1945
|
CRYPTO_EX_DATA ex_data;
|
|
1688
1946
|
|
|
1947
|
+
// must_match_issuer is a flag indicating that this credential should be
|
|
1948
|
+
// considered only when it matches a peer request for a particular issuer via
|
|
1949
|
+
// a negotiation mechanism (such as the certificate_authorities extension).
|
|
1950
|
+
bool must_match_issuer = false;
|
|
1951
|
+
|
|
1689
1952
|
private:
|
|
1690
1953
|
friend RefCounted;
|
|
1691
1954
|
~ssl_credential_st();
|
|
@@ -1701,6 +1964,11 @@ BSSL_NAMESPACE_BEGIN
|
|
|
1701
1964
|
// The pointers in the result are only valid until |hs| is next mutated.
|
|
1702
1965
|
bool ssl_get_credential_list(SSL_HANDSHAKE *hs, Array<SSL_CREDENTIAL *> *out);
|
|
1703
1966
|
|
|
1967
|
+
// ssl_credential_matches_requested_issuers returns true if |cred| is a
|
|
1968
|
+
// usable match for any requested issuers in |hs|, and false with an error
|
|
1969
|
+
// otherwise.
|
|
1970
|
+
bool ssl_credential_matches_requested_issuers(SSL_HANDSHAKE *hs,
|
|
1971
|
+
const SSL_CREDENTIAL *cred);
|
|
1704
1972
|
|
|
1705
1973
|
// Handshake functions.
|
|
1706
1974
|
|
|
@@ -1824,6 +2092,14 @@ struct SSL_HANDSHAKE_HINTS {
|
|
|
1824
2092
|
bool ignore_ticket = false;
|
|
1825
2093
|
};
|
|
1826
2094
|
|
|
2095
|
+
struct SSLPAKEShare {
|
|
2096
|
+
static constexpr bool kAllowUniquePtr = true;
|
|
2097
|
+
uint16_t named_pake;
|
|
2098
|
+
Array<uint8_t> client_identity;
|
|
2099
|
+
Array<uint8_t> server_identity;
|
|
2100
|
+
Array<uint8_t> pake_message;
|
|
2101
|
+
};
|
|
2102
|
+
|
|
1827
2103
|
struct SSL_HANDSHAKE {
|
|
1828
2104
|
explicit SSL_HANDSHAKE(SSL *ssl);
|
|
1829
2105
|
~SSL_HANDSHAKE();
|
|
@@ -1855,18 +2131,13 @@ struct SSL_HANDSHAKE {
|
|
|
1855
2131
|
// |SSL_OP_NO_*| and |SSL_CTX_set_max_proto_version| APIs.
|
|
1856
2132
|
uint16_t max_version = 0;
|
|
1857
2133
|
|
|
1858
|
-
|
|
1859
|
-
|
|
1860
|
-
uint8_t
|
|
1861
|
-
uint8_t
|
|
1862
|
-
uint8_t
|
|
1863
|
-
uint8_t
|
|
1864
|
-
uint8_t
|
|
1865
|
-
uint8_t server_traffic_secret_0_[SSL_MAX_MD_SIZE] = {0};
|
|
1866
|
-
uint8_t expected_client_finished_[SSL_MAX_MD_SIZE] = {0};
|
|
1867
|
-
|
|
1868
|
-
public:
|
|
1869
|
-
void ResizeSecrets(size_t hash_len);
|
|
2134
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> secret;
|
|
2135
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> early_traffic_secret;
|
|
2136
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> client_handshake_secret;
|
|
2137
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> server_handshake_secret;
|
|
2138
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> client_traffic_secret_0;
|
|
2139
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> server_traffic_secret_0;
|
|
2140
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> expected_client_finished;
|
|
1870
2141
|
|
|
1871
2142
|
// GetClientHello, on the server, returns either the normal ClientHello
|
|
1872
2143
|
// message or the ClientHelloInner if it has been serialized to
|
|
@@ -1879,29 +2150,6 @@ struct SSL_HANDSHAKE {
|
|
|
1879
2150
|
// SSL_HANDSHAKE.
|
|
1880
2151
|
bool GetClientHello(SSLMessage *out_msg, SSL_CLIENT_HELLO *out_client_hello);
|
|
1881
2152
|
|
|
1882
|
-
Span<uint8_t> secret() { return MakeSpan(secret_, hash_len_); }
|
|
1883
|
-
Span<const uint8_t> secret() const {
|
|
1884
|
-
return MakeConstSpan(secret_, hash_len_);
|
|
1885
|
-
}
|
|
1886
|
-
Span<uint8_t> early_traffic_secret() {
|
|
1887
|
-
return MakeSpan(early_traffic_secret_, hash_len_);
|
|
1888
|
-
}
|
|
1889
|
-
Span<uint8_t> client_handshake_secret() {
|
|
1890
|
-
return MakeSpan(client_handshake_secret_, hash_len_);
|
|
1891
|
-
}
|
|
1892
|
-
Span<uint8_t> server_handshake_secret() {
|
|
1893
|
-
return MakeSpan(server_handshake_secret_, hash_len_);
|
|
1894
|
-
}
|
|
1895
|
-
Span<uint8_t> client_traffic_secret_0() {
|
|
1896
|
-
return MakeSpan(client_traffic_secret_0_, hash_len_);
|
|
1897
|
-
}
|
|
1898
|
-
Span<uint8_t> server_traffic_secret_0() {
|
|
1899
|
-
return MakeSpan(server_traffic_secret_0_, hash_len_);
|
|
1900
|
-
}
|
|
1901
|
-
Span<uint8_t> expected_client_finished() {
|
|
1902
|
-
return MakeSpan(expected_client_finished_, hash_len_);
|
|
1903
|
-
}
|
|
1904
|
-
|
|
1905
2153
|
union {
|
|
1906
2154
|
// sent is a bitset where the bits correspond to elements of kExtensions
|
|
1907
2155
|
// in extensions.cc. Each bit is set if that extension was sent in a
|
|
@@ -1942,7 +2190,8 @@ struct SSL_HANDSHAKE {
|
|
|
1942
2190
|
|
|
1943
2191
|
// dtls_cookie is the value of the cookie in DTLS HelloVerifyRequest. If
|
|
1944
2192
|
// empty, either none was received or HelloVerifyRequest contained an empty
|
|
1945
|
-
// cookie.
|
|
2193
|
+
// cookie. Check the received_hello_verify_request field to distinguish an
|
|
2194
|
+
// empty cookie from no HelloVerifyRequest message being received.
|
|
1946
2195
|
Array<uint8_t> dtls_cookie;
|
|
1947
2196
|
|
|
1948
2197
|
// ech_client_outer contains the outer ECH extension to send in the
|
|
@@ -2006,8 +2255,8 @@ struct SSL_HANDSHAKE {
|
|
|
2006
2255
|
// server when using a TLS 1.2 PSK key exchange.
|
|
2007
2256
|
UniquePtr<char> peer_psk_identity_hint;
|
|
2008
2257
|
|
|
2009
|
-
// ca_names
|
|
2010
|
-
// CertificateRequest message
|
|
2258
|
+
// ca_names contains the list of CAs received via the Certificate Authorities
|
|
2259
|
+
// extension in our peer's CertificateRequest or ClientHello message
|
|
2011
2260
|
UniquePtr<STACK_OF(CRYPTO_BUFFER)> ca_names;
|
|
2012
2261
|
|
|
2013
2262
|
// cached_x509_ca_names contains a cache of parsed versions of the elements of
|
|
@@ -2109,6 +2358,10 @@ struct SSL_HANDSHAKE {
|
|
|
2109
2358
|
// the handshake.
|
|
2110
2359
|
bool can_early_write : 1;
|
|
2111
2360
|
|
|
2361
|
+
// is_early_version is true if the protocol version configured is not
|
|
2362
|
+
// necessarily the final version and is just the predicted 0-RTT version.
|
|
2363
|
+
bool is_early_version : 1;
|
|
2364
|
+
|
|
2112
2365
|
// next_proto_neg_seen is one of NPN was negotiated.
|
|
2113
2366
|
bool next_proto_neg_seen : 1;
|
|
2114
2367
|
|
|
@@ -2150,6 +2403,10 @@ struct SSL_HANDSHAKE {
|
|
|
2150
2403
|
// handshake.
|
|
2151
2404
|
bool channel_id_negotiated : 1;
|
|
2152
2405
|
|
|
2406
|
+
// received_hello_verify_request is true if we received a HelloVerifyRequest
|
|
2407
|
+
// message from the server.
|
|
2408
|
+
bool received_hello_verify_request : 1;
|
|
2409
|
+
|
|
2153
2410
|
// client_version is the value sent or received in the ClientHello version.
|
|
2154
2411
|
uint16_t client_version = 0;
|
|
2155
2412
|
|
|
@@ -2169,11 +2426,22 @@ struct SSL_HANDSHAKE {
|
|
|
2169
2426
|
uint8_t ech_config_id = 0;
|
|
2170
2427
|
|
|
2171
2428
|
// session_id is the session ID in the ClientHello.
|
|
2172
|
-
uint8_t
|
|
2173
|
-
uint8_t session_id_len = 0;
|
|
2429
|
+
InplaceVector<uint8_t, SSL_MAX_SSL_SESSION_ID_LENGTH> session_id;
|
|
2174
2430
|
|
|
2175
2431
|
// grease_seed is the entropy for GREASE values.
|
|
2176
2432
|
uint8_t grease_seed[ssl_grease_last_index + 1] = {0};
|
|
2433
|
+
|
|
2434
|
+
// pake_share is the PAKE message received over the wire, if any.
|
|
2435
|
+
UniquePtr<SSLPAKEShare> pake_share;
|
|
2436
|
+
|
|
2437
|
+
// pake_share_bytes are the bytes of the PAKEShare to send, if any.
|
|
2438
|
+
Array<uint8_t> pake_share_bytes;
|
|
2439
|
+
|
|
2440
|
+
// pake_prover is the PAKE context for a client.
|
|
2441
|
+
UniquePtr<spake2plus::Prover> pake_prover;
|
|
2442
|
+
|
|
2443
|
+
// pake_verifier is the PAKE context for a server.
|
|
2444
|
+
UniquePtr<spake2plus::Verifier> pake_verifier;
|
|
2177
2445
|
};
|
|
2178
2446
|
|
|
2179
2447
|
// kMaxTickets is the maximum number of tickets to send immediately after the
|
|
@@ -2206,10 +2474,9 @@ const char *ssl_server_handshake_state(SSL_HANDSHAKE *hs);
|
|
|
2206
2474
|
const char *tls13_client_handshake_state(SSL_HANDSHAKE *hs);
|
|
2207
2475
|
const char *tls13_server_handshake_state(SSL_HANDSHAKE *hs);
|
|
2208
2476
|
|
|
2209
|
-
// tls13_add_key_update queues a KeyUpdate message on |ssl|.
|
|
2210
|
-
//
|
|
2211
|
-
|
|
2212
|
-
bool tls13_add_key_update(SSL *ssl, int update_requested);
|
|
2477
|
+
// tls13_add_key_update queues a KeyUpdate message on |ssl|. |request_type| must
|
|
2478
|
+
// be one of |SSL_KEY_UPDATE_REQUESTED| or |SSL_KEY_UPDATE_NOT_REQUESTED|.
|
|
2479
|
+
bool tls13_add_key_update(SSL *ssl, int request_type);
|
|
2213
2480
|
|
|
2214
2481
|
// tls13_post_handshake processes a post-handshake message. It returns true on
|
|
2215
2482
|
// success and false on failure.
|
|
@@ -2247,6 +2514,10 @@ bool ssl_setup_extension_permutation(SSL_HANDSHAKE *hs);
|
|
|
2247
2514
|
// a single key share of the specified group.
|
|
2248
2515
|
bool ssl_setup_key_shares(SSL_HANDSHAKE *hs, uint16_t override_group_id);
|
|
2249
2516
|
|
|
2517
|
+
// ssl_setup_pake_shares computes the client PAKE shares and saves them in |hs|.
|
|
2518
|
+
// It returns true on success and false on failure.
|
|
2519
|
+
bool ssl_setup_pake_shares(SSL_HANDSHAKE *hs);
|
|
2520
|
+
|
|
2250
2521
|
bool ssl_ext_key_share_parse_serverhello(SSL_HANDSHAKE *hs,
|
|
2251
2522
|
Array<uint8_t> *out_secret,
|
|
2252
2523
|
uint8_t *out_alert, CBS *contents);
|
|
@@ -2254,8 +2525,13 @@ bool ssl_ext_key_share_parse_clienthello(SSL_HANDSHAKE *hs, bool *out_found,
|
|
|
2254
2525
|
Span<const uint8_t> *out_peer_key,
|
|
2255
2526
|
uint8_t *out_alert,
|
|
2256
2527
|
const SSL_CLIENT_HELLO *client_hello);
|
|
2528
|
+
bool ssl_ext_pake_add_serverhello(SSL_HANDSHAKE *hs, CBB *out);
|
|
2257
2529
|
bool ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out);
|
|
2258
2530
|
|
|
2531
|
+
bool ssl_ext_pake_parse_serverhello(SSL_HANDSHAKE *hs,
|
|
2532
|
+
Array<uint8_t> *out_secret,
|
|
2533
|
+
uint8_t *out_alert, CBS *contents);
|
|
2534
|
+
|
|
2259
2535
|
bool ssl_ext_pre_shared_key_parse_serverhello(SSL_HANDSHAKE *hs,
|
|
2260
2536
|
uint8_t *out_alert,
|
|
2261
2537
|
CBS *contents);
|
|
@@ -2400,12 +2676,6 @@ bool ssl_log_secret(const SSL *ssl, const char *label,
|
|
|
2400
2676
|
|
|
2401
2677
|
// ClientHello functions.
|
|
2402
2678
|
|
|
2403
|
-
// ssl_client_hello_init parses |body| as a ClientHello message, excluding the
|
|
2404
|
-
// message header, and writes the result to |*out|. It returns true on success
|
|
2405
|
-
// and false on error. This function is exported for testing.
|
|
2406
|
-
OPENSSL_EXPORT bool ssl_client_hello_init(const SSL *ssl, SSL_CLIENT_HELLO *out,
|
|
2407
|
-
Span<const uint8_t> body);
|
|
2408
|
-
|
|
2409
2679
|
bool ssl_parse_client_hello_with_trailing_data(const SSL *ssl, CBS *cbs,
|
|
2410
2680
|
SSL_CLIENT_HELLO *out);
|
|
2411
2681
|
|
|
@@ -2470,32 +2740,32 @@ struct CERT {
|
|
|
2470
2740
|
explicit CERT(const SSL_X509_METHOD *x509_method);
|
|
2471
2741
|
~CERT();
|
|
2472
2742
|
|
|
2473
|
-
bool is_valid() const { return
|
|
2743
|
+
bool is_valid() const { return legacy_credential != nullptr; }
|
|
2474
2744
|
|
|
2475
2745
|
// credentials is the list of credentials to select between. Elements of this
|
|
2476
2746
|
// array immutable.
|
|
2477
|
-
|
|
2747
|
+
Vector<UniquePtr<SSL_CREDENTIAL>> credentials;
|
|
2478
2748
|
|
|
2479
|
-
//
|
|
2749
|
+
// legacy_credential is the credential configured by the legacy
|
|
2480
2750
|
// non-credential-based APIs. If IsComplete() returns true, it is appended to
|
|
2481
2751
|
// the list of credentials.
|
|
2482
|
-
UniquePtr<SSL_CREDENTIAL>
|
|
2752
|
+
UniquePtr<SSL_CREDENTIAL> legacy_credential;
|
|
2483
2753
|
|
|
2484
2754
|
// x509_method contains pointers to functions that might deal with |X509|
|
|
2485
2755
|
// compatibility, or might be a no-op, depending on the application.
|
|
2486
2756
|
const SSL_X509_METHOD *x509_method = nullptr;
|
|
2487
2757
|
|
|
2488
|
-
// x509_chain may contain a parsed copy of |chain[1..]| from the
|
|
2758
|
+
// x509_chain may contain a parsed copy of |chain[1..]| from the legacy
|
|
2489
2759
|
// credential. This is only used as a cache in order to implement “get0”
|
|
2490
2760
|
// functions that return a non-owning pointer to the certificate chain.
|
|
2491
2761
|
STACK_OF(X509) *x509_chain = nullptr;
|
|
2492
2762
|
|
|
2493
2763
|
// x509_leaf may contain a parsed copy of the first element of |chain| from
|
|
2494
|
-
// the
|
|
2764
|
+
// the legacy credential. This is only used as a cache in order to implement
|
|
2495
2765
|
// “get0” functions that return a non-owning pointer to the certificate chain.
|
|
2496
2766
|
X509 *x509_leaf = nullptr;
|
|
2497
2767
|
|
|
2498
|
-
// x509_stash contains the last |X509| object append to the
|
|
2768
|
+
// x509_stash contains the last |X509| object append to the legacy
|
|
2499
2769
|
// credential's chain. This is a workaround for some third-party code that
|
|
2500
2770
|
// continue to use an |X509| object even after passing ownership with an
|
|
2501
2771
|
// “add0” function.
|
|
@@ -2516,8 +2786,7 @@ struct CERT {
|
|
|
2516
2786
|
|
|
2517
2787
|
// sid_ctx partitions the session space within a shared session cache or
|
|
2518
2788
|
// ticket key. Only sessions with a matching value will be accepted.
|
|
2519
|
-
uint8_t
|
|
2520
|
-
uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH] = {0};
|
|
2789
|
+
InplaceVector<uint8_t, SSL_MAX_SID_CTX_LENGTH> sid_ctx;
|
|
2521
2790
|
};
|
|
2522
2791
|
|
|
2523
2792
|
// |SSL_PROTOCOL_METHOD| abstracts between TLS and DTLS.
|
|
@@ -2566,25 +2835,37 @@ struct SSL_PROTOCOL_METHOD {
|
|
|
2566
2835
|
// add_change_cipher_spec adds a ChangeCipherSpec record to the pending
|
|
2567
2836
|
// flight. It returns true on success and false on error.
|
|
2568
2837
|
bool (*add_change_cipher_spec)(SSL *ssl);
|
|
2569
|
-
//
|
|
2570
|
-
//
|
|
2571
|
-
|
|
2838
|
+
// finish_flight marks the pending flight as finished and ready to send.
|
|
2839
|
+
// |flush| must be called to write it.
|
|
2840
|
+
void (*finish_flight)(SSL *ssl);
|
|
2841
|
+
// schedule_ack schedules a DTLS 1.3 ACK to be sent, without an ACK delay.
|
|
2842
|
+
// |flush| must be called to write it.
|
|
2843
|
+
void (*schedule_ack)(SSL *ssl);
|
|
2844
|
+
// flush writes any scheduled data to the transport. It returns one on success
|
|
2845
|
+
// and <= 0 on error.
|
|
2846
|
+
int (*flush)(SSL *ssl);
|
|
2572
2847
|
// on_handshake_complete is called when the handshake is complete.
|
|
2573
2848
|
void (*on_handshake_complete)(SSL *ssl);
|
|
2574
2849
|
// set_read_state sets |ssl|'s read cipher state and level to |aead_ctx| and
|
|
2575
|
-
// |level|. In QUIC, |aead_ctx| is a placeholder object
|
|
2576
|
-
// is the original secret. This function returns true
|
|
2577
|
-
// error.
|
|
2850
|
+
// |level|. In QUIC, |aead_ctx| is a placeholder object. In TLS 1.3,
|
|
2851
|
+
// |traffic_secret| is the original traffic secret. This function returns true
|
|
2852
|
+
// on success and false on error.
|
|
2853
|
+
//
|
|
2854
|
+
// TODO(crbug.com/371998381): Take the traffic secrets as input and let the
|
|
2855
|
+
// function create the SSLAEADContext.
|
|
2578
2856
|
bool (*set_read_state)(SSL *ssl, ssl_encryption_level_t level,
|
|
2579
2857
|
UniquePtr<SSLAEADContext> aead_ctx,
|
|
2580
|
-
Span<const uint8_t>
|
|
2858
|
+
Span<const uint8_t> traffic_secret);
|
|
2581
2859
|
// set_write_state sets |ssl|'s write cipher state and level to |aead_ctx| and
|
|
2582
|
-
// |level|. In QUIC, |aead_ctx| is a placeholder object
|
|
2583
|
-
// is the original secret. This function returns true
|
|
2584
|
-
// error.
|
|
2860
|
+
// |level|. In QUIC, |aead_ctx| is a placeholder object In TLS 1.3,
|
|
2861
|
+
// |traffic_secret| is the original traffic secret. This function returns true
|
|
2862
|
+
// on success and false on error.
|
|
2863
|
+
//
|
|
2864
|
+
// TODO(crbug.com/371998381): Take the traffic secrets as input and let the
|
|
2865
|
+
// function create the SSLAEADContext.
|
|
2585
2866
|
bool (*set_write_state)(SSL *ssl, ssl_encryption_level_t level,
|
|
2586
2867
|
UniquePtr<SSLAEADContext> aead_ctx,
|
|
2587
|
-
Span<const uint8_t>
|
|
2868
|
+
Span<const uint8_t> traffic_secret);
|
|
2588
2869
|
};
|
|
2589
2870
|
|
|
2590
2871
|
// The following wrappers call |open_*| but handle |read_shutdown| correctly.
|
|
@@ -2610,10 +2891,10 @@ ssl_open_record_t ssl_open_app_data(SSL *ssl, Span<uint8_t> *out,
|
|
|
2610
2891
|
Span<uint8_t> in);
|
|
2611
2892
|
|
|
2612
2893
|
struct SSL_X509_METHOD {
|
|
2613
|
-
//
|
|
2614
|
-
//
|
|
2615
|
-
//
|
|
2616
|
-
bool (*
|
|
2894
|
+
// check_CA_list returns one if |names| is a good list of X.509 distinguished
|
|
2895
|
+
// names and zero otherwise. This is used to ensure that we can reject
|
|
2896
|
+
// unparsable values at handshake time when using crypto/x509.
|
|
2897
|
+
bool (*check_CA_list)(STACK_OF(CRYPTO_BUFFER) *names);
|
|
2617
2898
|
|
|
2618
2899
|
// cert_clear frees and NULLs all X509 certificate-related state.
|
|
2619
2900
|
void (*cert_clear)(CERT *cert);
|
|
@@ -2774,8 +3055,14 @@ struct SSL3_STATE {
|
|
|
2774
3055
|
// needs re-doing when in SSL_accept or SSL_connect
|
|
2775
3056
|
int rwstate = SSL_ERROR_NONE;
|
|
2776
3057
|
|
|
2777
|
-
enum ssl_encryption_level_t
|
|
2778
|
-
enum ssl_encryption_level_t
|
|
3058
|
+
enum ssl_encryption_level_t quic_read_level = ssl_encryption_initial;
|
|
3059
|
+
enum ssl_encryption_level_t quic_write_level = ssl_encryption_initial;
|
|
3060
|
+
|
|
3061
|
+
// version is the protocol version, or zero if the version has not yet been
|
|
3062
|
+
// set. In clients offering 0-RTT, this version will initially be set to the
|
|
3063
|
+
// early version, then switched to the final version. To distinguish these
|
|
3064
|
+
// cases, use |ssl_has_final_version|.
|
|
3065
|
+
uint16_t version = 0;
|
|
2779
3066
|
|
|
2780
3067
|
// early_data_skipped is the amount of early data that has been skipped by the
|
|
2781
3068
|
// record layer.
|
|
@@ -2798,10 +3085,6 @@ struct SSL3_STATE {
|
|
|
2798
3085
|
// messages when 0RTT is rejected.
|
|
2799
3086
|
bool skip_early_data : 1;
|
|
2800
3087
|
|
|
2801
|
-
// have_version is true if the connection's final version is known. Otherwise
|
|
2802
|
-
// the version has not been negotiated yet.
|
|
2803
|
-
bool have_version : 1;
|
|
2804
|
-
|
|
2805
3088
|
// v2_hello_done is true if the peer's V2ClientHello, if any, has been handled
|
|
2806
3089
|
// and future messages should use the record layer.
|
|
2807
3090
|
bool v2_hello_done : 1;
|
|
@@ -2827,8 +3110,10 @@ struct SSL3_STATE {
|
|
|
2827
3110
|
// Channel ID and the |channel_id| field is filled in.
|
|
2828
3111
|
bool channel_id_valid : 1;
|
|
2829
3112
|
|
|
2830
|
-
// key_update_pending is true if we
|
|
2831
|
-
//
|
|
3113
|
+
// key_update_pending is true if we are in the process of sending a KeyUpdate
|
|
3114
|
+
// message. As a DoS mitigation (and a requirement in DTLS), we never send
|
|
3115
|
+
// more than one KeyUpdate at once. In DTLS, this tracks whether there is an
|
|
3116
|
+
// unACKed KeyUpdate.
|
|
2832
3117
|
bool key_update_pending : 1;
|
|
2833
3118
|
|
|
2834
3119
|
// early_data_accepted is true if early data was accepted by the server.
|
|
@@ -2885,18 +3170,13 @@ struct SSL3_STATE {
|
|
|
2885
3170
|
// one.
|
|
2886
3171
|
UniquePtr<SSL_HANDSHAKE> hs;
|
|
2887
3172
|
|
|
2888
|
-
uint8_t
|
|
2889
|
-
uint8_t
|
|
2890
|
-
uint8_t
|
|
2891
|
-
uint8_t write_traffic_secret_len = 0;
|
|
2892
|
-
uint8_t read_traffic_secret_len = 0;
|
|
2893
|
-
uint8_t exporter_secret_len = 0;
|
|
3173
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> write_traffic_secret;
|
|
3174
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> read_traffic_secret;
|
|
3175
|
+
InplaceVector<uint8_t, SSL_MAX_MD_SIZE> exporter_secret;
|
|
2894
3176
|
|
|
2895
3177
|
// Connection binding to prevent renegotiation attacks
|
|
2896
|
-
uint8_t
|
|
2897
|
-
uint8_t
|
|
2898
|
-
uint8_t previous_server_finished_len = 0;
|
|
2899
|
-
uint8_t previous_server_finished[12] = {0};
|
|
3178
|
+
InplaceVector<uint8_t, 12> previous_client_finished;
|
|
3179
|
+
InplaceVector<uint8_t, 12> previous_server_finished;
|
|
2900
3180
|
|
|
2901
3181
|
uint8_t send_alert[2] = {0};
|
|
2902
3182
|
|
|
@@ -2939,13 +3219,67 @@ struct SSL3_STATE {
|
|
|
2939
3219
|
};
|
|
2940
3220
|
|
|
2941
3221
|
// lengths of messages
|
|
2942
|
-
#define
|
|
3222
|
+
#define DTLS1_RT_MAX_HEADER_LENGTH 13
|
|
3223
|
+
|
|
3224
|
+
// DTLS_PLAINTEXT_RECORD_HEADER_LENGTH is the length of the DTLS record header
|
|
3225
|
+
// for plaintext records (in DTLS 1.3) or DTLS versions <= 1.2.
|
|
3226
|
+
#define DTLS_PLAINTEXT_RECORD_HEADER_LENGTH 13
|
|
3227
|
+
|
|
3228
|
+
// DTLS1_3_RECORD_HEADER_LENGTH is the length of the DTLS 1.3 record header
|
|
3229
|
+
// sent by BoringSSL for encrypted records. Note that received encrypted DTLS
|
|
3230
|
+
// 1.3 records might have a different length header.
|
|
3231
|
+
#define DTLS1_3_RECORD_HEADER_WRITE_LENGTH 5
|
|
3232
|
+
|
|
3233
|
+
static_assert(DTLS1_RT_MAX_HEADER_LENGTH >= DTLS_PLAINTEXT_RECORD_HEADER_LENGTH,
|
|
3234
|
+
"DTLS1_RT_MAX_HEADER_LENGTH must not be smaller than defined "
|
|
3235
|
+
"record header lengths");
|
|
3236
|
+
static_assert(DTLS1_RT_MAX_HEADER_LENGTH >= DTLS1_3_RECORD_HEADER_WRITE_LENGTH,
|
|
3237
|
+
"DTLS1_RT_MAX_HEADER_LENGTH must not be smaller than defined "
|
|
3238
|
+
"record header lengths");
|
|
2943
3239
|
|
|
2944
3240
|
#define DTLS1_HM_HEADER_LENGTH 12
|
|
2945
3241
|
|
|
2946
|
-
|
|
3242
|
+
// A DTLSMessageBitmap maintains a list of bits which may be marked to indicate
|
|
3243
|
+
// a portion of a message was received or ACKed.
|
|
3244
|
+
class DTLSMessageBitmap {
|
|
3245
|
+
public:
|
|
3246
|
+
// A Range represents a range of bits from |start|, inclusive, to |end|,
|
|
3247
|
+
// exclusive.
|
|
3248
|
+
struct Range {
|
|
3249
|
+
size_t start = 0;
|
|
3250
|
+
size_t end = 0;
|
|
3251
|
+
|
|
3252
|
+
bool empty() const { return start == end; }
|
|
3253
|
+
size_t size() const { return end - start; }
|
|
3254
|
+
bool operator==(const Range &r) const {
|
|
3255
|
+
return start == r.start && end == r.end;
|
|
3256
|
+
}
|
|
3257
|
+
bool operator!=(const Range &r) const { return !(*this == r); }
|
|
3258
|
+
};
|
|
3259
|
+
|
|
3260
|
+
// Init initializes the structure with |num_bits| unmarked bits, from zero
|
|
3261
|
+
// to |num_bits - 1|.
|
|
3262
|
+
bool Init(size_t num_bits);
|
|
3263
|
+
|
|
3264
|
+
// MarkRange marks the bits from |start|, inclusive, to |end|, exclusive.
|
|
3265
|
+
void MarkRange(size_t start, size_t end);
|
|
3266
|
+
|
|
3267
|
+
// NextUnmarkedRange returns the next range of unmarked bits, starting from
|
|
3268
|
+
// |start|, inclusive. If all bits after |start| are marked, it returns an
|
|
3269
|
+
// empty range.
|
|
3270
|
+
Range NextUnmarkedRange(size_t start) const;
|
|
2947
3271
|
|
|
2948
|
-
|
|
3272
|
+
// IsComplete returns whether every bit in the bitmask has been marked.
|
|
3273
|
+
bool IsComplete() const { return bytes_.empty(); }
|
|
3274
|
+
|
|
3275
|
+
private:
|
|
3276
|
+
// bytes_ contains the unmarked bits. We maintain an invariant: if |bytes_| is
|
|
3277
|
+
// not empty, some bit is unset.
|
|
3278
|
+
Array<uint8_t> bytes_;
|
|
3279
|
+
// first_unmarked_byte_ is the index of first byte in |bytes_| that is not
|
|
3280
|
+
// 0xff. This is maintained to amortize checking if the message is complete.
|
|
3281
|
+
size_t first_unmarked_byte_ = 0;
|
|
3282
|
+
};
|
|
2949
3283
|
|
|
2950
3284
|
struct hm_header_st {
|
|
2951
3285
|
uint8_t type;
|
|
@@ -2955,28 +3289,47 @@ struct hm_header_st {
|
|
|
2955
3289
|
uint32_t frag_len;
|
|
2956
3290
|
};
|
|
2957
3291
|
|
|
2958
|
-
// An
|
|
2959
|
-
|
|
3292
|
+
// An DTLSIncomingMessage is an incoming DTLS message, possibly not yet
|
|
3293
|
+
// assembled.
|
|
3294
|
+
struct DTLSIncomingMessage {
|
|
2960
3295
|
static constexpr bool kAllowUniquePtr = true;
|
|
2961
3296
|
|
|
2962
|
-
|
|
2963
|
-
|
|
2964
|
-
|
|
2965
|
-
|
|
2966
|
-
|
|
3297
|
+
Span<uint8_t> msg() { return Span(data).subspan(DTLS1_HM_HEADER_LENGTH); }
|
|
3298
|
+
Span<const uint8_t> msg() const {
|
|
3299
|
+
return Span(data).subspan(DTLS1_HM_HEADER_LENGTH);
|
|
3300
|
+
}
|
|
3301
|
+
size_t msg_len() const { return msg().size(); }
|
|
2967
3302
|
|
|
2968
3303
|
// type is the type of the message.
|
|
2969
3304
|
uint8_t type = 0;
|
|
2970
3305
|
// seq is the sequence number of this message.
|
|
2971
3306
|
uint16_t seq = 0;
|
|
2972
|
-
//
|
|
2973
|
-
|
|
2974
|
-
|
|
2975
|
-
//
|
|
2976
|
-
|
|
2977
|
-
|
|
2978
|
-
|
|
2979
|
-
|
|
3307
|
+
// data contains the message, including the message header of length
|
|
3308
|
+
// |DTLS1_HM_HEADER_LENGTH|.
|
|
3309
|
+
Array<uint8_t> data;
|
|
3310
|
+
// reassembly tracks which parts of the message have been received.
|
|
3311
|
+
DTLSMessageBitmap reassembly;
|
|
3312
|
+
};
|
|
3313
|
+
|
|
3314
|
+
struct DTLSOutgoingMessage {
|
|
3315
|
+
size_t msg_len() const {
|
|
3316
|
+
assert(!is_ccs);
|
|
3317
|
+
assert(data.size() >= DTLS1_HM_HEADER_LENGTH);
|
|
3318
|
+
return data.size() - DTLS1_HM_HEADER_LENGTH;
|
|
3319
|
+
}
|
|
3320
|
+
|
|
3321
|
+
bool IsFullyAcked() const {
|
|
3322
|
+
// ACKs only exist in DTLS 1.3, which does not send ChangeCipherSpec.
|
|
3323
|
+
return !is_ccs && acked.IsComplete();
|
|
3324
|
+
}
|
|
3325
|
+
|
|
3326
|
+
Array<uint8_t> data;
|
|
3327
|
+
uint16_t epoch = 0;
|
|
3328
|
+
bool is_ccs = false;
|
|
3329
|
+
// acked tracks which bits of the message have been ACKed by the peer. If
|
|
3330
|
+
// |msg_len| is zero, it tracks one bit for whether the header has been
|
|
3331
|
+
// received.
|
|
3332
|
+
DTLSMessageBitmap acked;
|
|
2980
3333
|
};
|
|
2981
3334
|
|
|
2982
3335
|
struct OPENSSL_timeval {
|
|
@@ -2984,12 +3337,111 @@ struct OPENSSL_timeval {
|
|
|
2984
3337
|
uint32_t tv_usec;
|
|
2985
3338
|
};
|
|
2986
3339
|
|
|
3340
|
+
struct DTLSTimer {
|
|
3341
|
+
public:
|
|
3342
|
+
static constexpr uint64_t kNever = UINT64_MAX;
|
|
3343
|
+
|
|
3344
|
+
// StartMicroseconds schedules the timer to expire the specified number of
|
|
3345
|
+
// microseconds from |now|.
|
|
3346
|
+
void StartMicroseconds(OPENSSL_timeval now, uint64_t microseconds);
|
|
3347
|
+
|
|
3348
|
+
// Stop disables the timer.
|
|
3349
|
+
void Stop();
|
|
3350
|
+
|
|
3351
|
+
// IsExpired returns true if the timer was set and is expired at time |now|.
|
|
3352
|
+
bool IsExpired(OPENSSL_timeval now) const;
|
|
3353
|
+
|
|
3354
|
+
// IsSet returns true if the timer is scheduled or expired, and false if it is
|
|
3355
|
+
// stopped.
|
|
3356
|
+
bool IsSet() const;
|
|
3357
|
+
|
|
3358
|
+
// MicrosecondsRemaining returns the time remaining, in microseconds, at
|
|
3359
|
+
// |now|, or |kNever| if the timer is unset.
|
|
3360
|
+
uint64_t MicrosecondsRemaining(OPENSSL_timeval now) const;
|
|
3361
|
+
|
|
3362
|
+
private:
|
|
3363
|
+
// expire_time_ is the time when the timer expires, or zero if the timer is
|
|
3364
|
+
// unset.
|
|
3365
|
+
//
|
|
3366
|
+
// TODO(crbug.com/366284846): This is an extremely inconvenient time
|
|
3367
|
+
// representation. Switch libssl to something like a 64-bit count of
|
|
3368
|
+
// microseconds. While it's decidedly past 1970 now, zero is a less obviously
|
|
3369
|
+
// sound distinguished value for the monotonic clock, so maybe we should use a
|
|
3370
|
+
// different distinguished time, like |INT64_MAX| in the microseconds
|
|
3371
|
+
// representation.
|
|
3372
|
+
OPENSSL_timeval expire_time_ = {0, 0};
|
|
3373
|
+
};
|
|
3374
|
+
|
|
3375
|
+
// DTLS_MAX_EXTRA_WRITE_EPOCHS is the maximum number of additional write epochs
|
|
3376
|
+
// that DTLS may need to retain.
|
|
3377
|
+
//
|
|
3378
|
+
// The maximum is, as a DTLS 1.3 server, immediately after sending Finished. At
|
|
3379
|
+
// this point, the current epoch is the application write keys (epoch 3), but we
|
|
3380
|
+
// may have ServerHello (epoch 0) and EncryptedExtensions (epoch 1) to
|
|
3381
|
+
// retransmit. KeyUpdate does not increase this count. If the server were to
|
|
3382
|
+
// initiate KeyUpdate from this state, it would not apply the new epoch until
|
|
3383
|
+
// the client's ACKs have caught up. At that point, epochs 0 and 1 can be
|
|
3384
|
+
// discarded.
|
|
3385
|
+
#define DTLS_MAX_EXTRA_WRITE_EPOCHS 2
|
|
3386
|
+
|
|
3387
|
+
// DTLS_MAX_ACK_BUFFER is the maximum number of records worth of data we'll keep
|
|
3388
|
+
// track of with DTLS 1.3 ACKs. When we exceed this value, information about
|
|
3389
|
+
// stale records will be dropped. This will not break the connection but may
|
|
3390
|
+
// cause ACKs to perform worse and retransmit unnecessary information.
|
|
3391
|
+
#define DTLS_MAX_ACK_BUFFER 32
|
|
3392
|
+
|
|
3393
|
+
// A DTLSSentRecord records information about a record we sent. Each record
|
|
3394
|
+
// covers all bytes from |first_msg_start| (inclusive) of |first_msg| to
|
|
3395
|
+
// |last_msg_end| (exclusive) of |last_msg|. Messages are referenced by index
|
|
3396
|
+
// into |outgoing_messages|. |last_msg_end| may be |outgoing_messages.size()| if
|
|
3397
|
+
// |last_msg_end| is zero.
|
|
3398
|
+
//
|
|
3399
|
+
// When the message is empty, |first_msg_start| and |last_msg_end| are
|
|
3400
|
+
// maintained as if there is a single bit in the message representing the
|
|
3401
|
+
// header. See |acked| in DTLSOutgoingMessage.
|
|
3402
|
+
struct DTLSSentRecord {
|
|
3403
|
+
DTLSRecordNumber number;
|
|
3404
|
+
PackedSize<SSL_MAX_HANDSHAKE_FLIGHT> first_msg = 0;
|
|
3405
|
+
PackedSize<SSL_MAX_HANDSHAKE_FLIGHT> last_msg = 0;
|
|
3406
|
+
uint32_t first_msg_start = 0;
|
|
3407
|
+
uint32_t last_msg_end = 0;
|
|
3408
|
+
};
|
|
3409
|
+
|
|
3410
|
+
enum class QueuedKeyUpdate {
|
|
3411
|
+
kNone,
|
|
3412
|
+
kUpdateNotRequested,
|
|
3413
|
+
kUpdateRequested,
|
|
3414
|
+
};
|
|
3415
|
+
|
|
3416
|
+
// DTLS_PREV_READ_EPOCH_EXPIRE_SECONDS is how long to retain the previous read
|
|
3417
|
+
// epoch in DTLS 1.3. This value is set based on the following:
|
|
3418
|
+
//
|
|
3419
|
+
// - Section 4.2.1 of RFC 9147 recommends retaining past read epochs for the
|
|
3420
|
+
// default TCP MSL. This accommodates packet reordering with KeyUpdate.
|
|
3421
|
+
//
|
|
3422
|
+
// - Section 5.8.1 of RFC 9147 requires being capable of ACKing the client's
|
|
3423
|
+
// final flight for at least twice the default MSL. That requires retaining
|
|
3424
|
+
// epoch 2 after the handshake.
|
|
3425
|
+
//
|
|
3426
|
+
// - Section 4 of RFC 9293 defines the MSL to be two minutes.
|
|
3427
|
+
#define DTLS_PREV_READ_EPOCH_EXPIRE_SECONDS (4 * 60)
|
|
3428
|
+
|
|
3429
|
+
struct DTLSPrevReadEpoch {
|
|
3430
|
+
static constexpr bool kAllowUniquePtr = true;
|
|
3431
|
+
DTLSReadEpoch epoch;
|
|
3432
|
+
// expire is the expiration time of the read epoch, expressed as a POSIX
|
|
3433
|
+
// timestamp in seconds.
|
|
3434
|
+
uint64_t expire;
|
|
3435
|
+
};
|
|
3436
|
+
|
|
2987
3437
|
struct DTLS1_STATE {
|
|
2988
3438
|
static constexpr bool kAllowUniquePtr = true;
|
|
2989
3439
|
|
|
2990
3440
|
DTLS1_STATE();
|
|
2991
3441
|
~DTLS1_STATE();
|
|
2992
3442
|
|
|
3443
|
+
bool Init();
|
|
3444
|
+
|
|
2993
3445
|
// has_change_cipher_spec is true if we have received a ChangeCipherSpec from
|
|
2994
3446
|
// the peer in this epoch.
|
|
2995
3447
|
bool has_change_cipher_spec : 1;
|
|
@@ -3004,31 +3456,63 @@ struct DTLS1_STATE {
|
|
|
3004
3456
|
// peer sent the final flight.
|
|
3005
3457
|
bool flight_has_reply : 1;
|
|
3006
3458
|
|
|
3007
|
-
//
|
|
3008
|
-
//
|
|
3009
|
-
|
|
3010
|
-
|
|
3459
|
+
// handshake_write_overflow and handshake_read_overflow are true if
|
|
3460
|
+
// handshake_write_seq and handshake_read_seq, respectively have overflowed.
|
|
3461
|
+
bool handshake_write_overflow : 1;
|
|
3462
|
+
bool handshake_read_overflow : 1;
|
|
3463
|
+
|
|
3464
|
+
// sending_flight and sending_ack are true if we are in the process of sending
|
|
3465
|
+
// a handshake flight and ACK, respectively.
|
|
3466
|
+
bool sending_flight : 1;
|
|
3467
|
+
bool sending_ack : 1;
|
|
3011
3468
|
|
|
3012
|
-
//
|
|
3013
|
-
|
|
3469
|
+
// queued_key_update, if not kNone, indicates we've queued a KeyUpdate message
|
|
3470
|
+
// to send after the current flight is ACKed.
|
|
3471
|
+
QueuedKeyUpdate queued_key_update : 2;
|
|
3014
3472
|
|
|
3015
3473
|
uint16_t handshake_write_seq = 0;
|
|
3016
3474
|
uint16_t handshake_read_seq = 0;
|
|
3017
3475
|
|
|
3018
|
-
//
|
|
3019
|
-
|
|
3020
|
-
|
|
3476
|
+
// read_epoch is the current read epoch.
|
|
3477
|
+
DTLSReadEpoch read_epoch;
|
|
3478
|
+
|
|
3479
|
+
// next_read_epoch is the next read epoch in DTLS 1.3. It will become
|
|
3480
|
+
// current once a record is received from it.
|
|
3481
|
+
UniquePtr<DTLSReadEpoch> next_read_epoch;
|
|
3482
|
+
|
|
3483
|
+
// prev_read_epoch is the previous read epoch in DTLS 1.3.
|
|
3484
|
+
UniquePtr<DTLSPrevReadEpoch> prev_read_epoch;
|
|
3485
|
+
|
|
3486
|
+
// write_epoch is the current DTLS write epoch. Non-retransmit records will
|
|
3487
|
+
// generally use this epoch.
|
|
3488
|
+
// TODO(crbug.com/381113363): 0-RTT will be the exception, when implemented.
|
|
3489
|
+
DTLSWriteEpoch write_epoch;
|
|
3490
|
+
|
|
3491
|
+
// extra_write_epochs is the collection available write epochs.
|
|
3492
|
+
InplaceVector<UniquePtr<DTLSWriteEpoch>, DTLS_MAX_EXTRA_WRITE_EPOCHS>
|
|
3493
|
+
extra_write_epochs;
|
|
3021
3494
|
|
|
3022
3495
|
// incoming_messages is a ring buffer of incoming handshake messages that have
|
|
3023
3496
|
// yet to be processed. The front of the ring buffer is message number
|
|
3024
3497
|
// |handshake_read_seq|, at position |handshake_read_seq| %
|
|
3025
3498
|
// |SSL_MAX_HANDSHAKE_FLIGHT|.
|
|
3026
|
-
UniquePtr<
|
|
3499
|
+
UniquePtr<DTLSIncomingMessage> incoming_messages[SSL_MAX_HANDSHAKE_FLIGHT];
|
|
3027
3500
|
|
|
3028
3501
|
// outgoing_messages is the queue of outgoing messages from the last handshake
|
|
3029
3502
|
// flight.
|
|
3030
|
-
|
|
3031
|
-
|
|
3503
|
+
InplaceVector<DTLSOutgoingMessage, SSL_MAX_HANDSHAKE_FLIGHT>
|
|
3504
|
+
outgoing_messages;
|
|
3505
|
+
|
|
3506
|
+
// sent_records is a queue of records we sent, for processing ACKs. To save
|
|
3507
|
+
// memory in the steady state, the structure is stored on the heap and dropped
|
|
3508
|
+
// when empty.
|
|
3509
|
+
UniquePtr<MRUQueue<DTLSSentRecord, DTLS_MAX_ACK_BUFFER>> sent_records;
|
|
3510
|
+
|
|
3511
|
+
// records_to_ack is a queue of received records that we should ACK. This is
|
|
3512
|
+
// not stored on the heap because, in the steady state, DTLS 1.3 does not
|
|
3513
|
+
// necessarily empty this list. (We probably could drop records from here once
|
|
3514
|
+
// they are sufficiently old.)
|
|
3515
|
+
MRUQueue<DTLSRecordNumber, DTLS_MAX_ACK_BUFFER> records_to_ack;
|
|
3032
3516
|
|
|
3033
3517
|
// outgoing_written is the number of outgoing messages that have been
|
|
3034
3518
|
// written.
|
|
@@ -3043,12 +3527,15 @@ struct DTLS1_STATE {
|
|
|
3043
3527
|
// the last time it was reset.
|
|
3044
3528
|
unsigned num_timeouts = 0;
|
|
3045
3529
|
|
|
3046
|
-
//
|
|
3047
|
-
//
|
|
3048
|
-
|
|
3530
|
+
// retransmit_timer tracks when to schedule the next DTLS retransmit if we do
|
|
3531
|
+
// not hear from the peer.
|
|
3532
|
+
DTLSTimer retransmit_timer;
|
|
3533
|
+
|
|
3534
|
+
// ack_timer tracks when to send an ACK.
|
|
3535
|
+
DTLSTimer ack_timer;
|
|
3049
3536
|
|
|
3050
3537
|
// timeout_duration_ms is the timeout duration in milliseconds.
|
|
3051
|
-
|
|
3538
|
+
uint32_t timeout_duration_ms = 0;
|
|
3052
3539
|
};
|
|
3053
3540
|
|
|
3054
3541
|
// An ALPSConfig is a pair of ALPN protocol and settings value to use with ALPS.
|
|
@@ -3114,6 +3601,13 @@ struct SSL_CONFIG {
|
|
|
3114
3601
|
// |client_CA|.
|
|
3115
3602
|
STACK_OF(X509_NAME) *cached_x509_client_CA = nullptr;
|
|
3116
3603
|
|
|
3604
|
+
// For client side, keep the list of CA distinguished names we can use
|
|
3605
|
+
// for the Certificate Authorities extension.
|
|
3606
|
+
// TODO(bbe) having this separate from the client side (above) is mildly
|
|
3607
|
+
// silly, but OpenSSL has *_client_CA API's for this exposed, and for the
|
|
3608
|
+
// moment we are not crossing those streams.
|
|
3609
|
+
UniquePtr<STACK_OF(CRYPTO_BUFFER)> CA_names;
|
|
3610
|
+
|
|
3117
3611
|
Array<uint16_t> supported_group_list; // our list
|
|
3118
3612
|
|
|
3119
3613
|
// channel_id_private is the client's Channel ID private key, or null if
|
|
@@ -3126,7 +3620,7 @@ struct SSL_CONFIG {
|
|
|
3126
3620
|
|
|
3127
3621
|
// alps_configs contains the list of supported protocols to use with ALPS,
|
|
3128
3622
|
// along with their corresponding ALPS values.
|
|
3129
|
-
|
|
3623
|
+
Vector<ALPSConfig> alps_configs;
|
|
3130
3624
|
|
|
3131
3625
|
// Contains the QUIC transport params that this endpoint will send.
|
|
3132
3626
|
Array<uint8_t> quic_transport_params;
|
|
@@ -3146,9 +3640,9 @@ struct SSL_CONFIG {
|
|
|
3146
3640
|
// structure for the client to use when negotiating ECH.
|
|
3147
3641
|
Array<uint8_t> client_ech_config_list;
|
|
3148
3642
|
|
|
3149
|
-
//
|
|
3643
|
+
// compliance_policy limits the set of ciphers that can be selected when
|
|
3150
3644
|
// negotiating a TLS 1.3 connection.
|
|
3151
|
-
enum ssl_compliance_policy_t
|
|
3645
|
+
enum ssl_compliance_policy_t compliance_policy = ssl_compliance_policy_none;
|
|
3152
3646
|
|
|
3153
3647
|
// verify_mode is a bitmask of |SSL_VERIFY_*| values.
|
|
3154
3648
|
uint8_t verify_mode = SSL_VERIFY_NONE;
|
|
@@ -3211,15 +3705,6 @@ struct SSL_CONFIG {
|
|
|
3211
3705
|
// alps_use_new_codepoint if set indicates we use new ALPS extension codepoint
|
|
3212
3706
|
// to negotiate and convey application settings.
|
|
3213
3707
|
bool alps_use_new_codepoint : 1;
|
|
3214
|
-
|
|
3215
|
-
// check_client_certificate_type indicates whether the client, in TLS 1.2 and
|
|
3216
|
-
// below, will check its certificate against the server's requested
|
|
3217
|
-
// certificate types.
|
|
3218
|
-
bool check_client_certificate_type : 1;
|
|
3219
|
-
|
|
3220
|
-
// check_ecdsa_curve indicates whether the server, in TLS 1.2 and below, will
|
|
3221
|
-
// check its certificate against the client's supported ECDSA curves.
|
|
3222
|
-
bool check_ecdsa_curve : 1;
|
|
3223
3708
|
};
|
|
3224
3709
|
|
|
3225
3710
|
// From RFC 8446, used in determining PSK modes.
|
|
@@ -3237,10 +3722,15 @@ bool ssl_is_key_type_supported(int key_type);
|
|
|
3237
3722
|
// counterpart to |privkey|. Otherwise it returns false and pushes a helpful
|
|
3238
3723
|
// message on the error queue.
|
|
3239
3724
|
bool ssl_compare_public_and_private_key(const EVP_PKEY *pubkey,
|
|
3240
|
-
|
|
3725
|
+
const EVP_PKEY *privkey);
|
|
3241
3726
|
bool ssl_get_new_session(SSL_HANDSHAKE *hs);
|
|
3727
|
+
|
|
3728
|
+
// ssl_encrypt_ticket encrypt a ticket for |session| and writes the result to
|
|
3729
|
+
// |out|. It returns true on success and false on error. If, on success, nothing
|
|
3730
|
+
// was written to |out|, the caller should skip sending a ticket.
|
|
3242
3731
|
bool ssl_encrypt_ticket(SSL_HANDSHAKE *hs, CBB *out,
|
|
3243
3732
|
const SSL_SESSION *session);
|
|
3733
|
+
|
|
3244
3734
|
bool ssl_ctx_rotate_ticket_encryption_key(SSL_CTX *ctx);
|
|
3245
3735
|
|
|
3246
3736
|
// ssl_session_new returns a newly-allocated blank |SSL_SESSION| or nullptr on
|
|
@@ -3261,6 +3751,20 @@ OPENSSL_EXPORT UniquePtr<SSL_SESSION> SSL_SESSION_parse(
|
|
|
3261
3751
|
// error.
|
|
3262
3752
|
OPENSSL_EXPORT bool ssl_session_serialize(const SSL_SESSION *in, CBB *cbb);
|
|
3263
3753
|
|
|
3754
|
+
enum class SSLSessionType {
|
|
3755
|
+
// The session is not resumable.
|
|
3756
|
+
kNotResumable,
|
|
3757
|
+
// The session uses a TLS 1.2 session ID.
|
|
3758
|
+
kID,
|
|
3759
|
+
// The session uses a TLS 1.2 ticket.
|
|
3760
|
+
kTicket,
|
|
3761
|
+
// The session uses a TLS 1.3 pre-shared key.
|
|
3762
|
+
kPreSharedKey,
|
|
3763
|
+
};
|
|
3764
|
+
|
|
3765
|
+
// ssl_session_get_type returns the type of |session|.
|
|
3766
|
+
SSLSessionType ssl_session_get_type(const SSL_SESSION *session);
|
|
3767
|
+
|
|
3264
3768
|
// ssl_session_is_context_valid returns whether |session|'s session ID context
|
|
3265
3769
|
// matches the one set on |hs|.
|
|
3266
3770
|
bool ssl_session_is_context_valid(const SSL_HANDSHAKE *hs,
|
|
@@ -3345,13 +3849,15 @@ bool tls_init_message(const SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
|
|
|
3345
3849
|
bool tls_finish_message(const SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
|
|
3346
3850
|
bool tls_add_message(SSL *ssl, Array<uint8_t> msg);
|
|
3347
3851
|
bool tls_add_change_cipher_spec(SSL *ssl);
|
|
3348
|
-
int
|
|
3852
|
+
int tls_flush(SSL *ssl);
|
|
3349
3853
|
|
|
3350
3854
|
bool dtls1_init_message(const SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
|
|
3351
3855
|
bool dtls1_finish_message(const SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
|
|
3352
3856
|
bool dtls1_add_message(SSL *ssl, Array<uint8_t> msg);
|
|
3353
3857
|
bool dtls1_add_change_cipher_spec(SSL *ssl);
|
|
3354
|
-
|
|
3858
|
+
void dtls1_finish_flight(SSL *ssl);
|
|
3859
|
+
void dtls1_schedule_ack(SSL *ssl);
|
|
3860
|
+
int dtls1_flush(SSL *ssl);
|
|
3355
3861
|
|
|
3356
3862
|
// ssl_add_message_cbb finishes the handshake message in |cbb| and adds it to
|
|
3357
3863
|
// the pending flight. It returns true on success and false on error.
|
|
@@ -3361,6 +3867,9 @@ bool ssl_add_message_cbb(SSL *ssl, CBB *cbb);
|
|
|
3361
3867
|
// on success and false on allocation failure.
|
|
3362
3868
|
bool ssl_hash_message(SSL_HANDSHAKE *hs, const SSLMessage &msg);
|
|
3363
3869
|
|
|
3870
|
+
ssl_open_record_t dtls1_process_ack(SSL *ssl, uint8_t *out_alert,
|
|
3871
|
+
DTLSRecordNumber ack_record_number,
|
|
3872
|
+
Span<const uint8_t> data);
|
|
3364
3873
|
ssl_open_record_t dtls1_open_app_data(SSL *ssl, Span<uint8_t> *out,
|
|
3365
3874
|
size_t *out_consumed, uint8_t *out_alert,
|
|
3366
3875
|
Span<uint8_t> in);
|
|
@@ -3376,19 +3885,27 @@ int dtls1_write_app_data(SSL *ssl, bool *out_needs_handshake,
|
|
|
3376
3885
|
int dtls1_write_record(SSL *ssl, int type, Span<const uint8_t> in,
|
|
3377
3886
|
uint16_t epoch);
|
|
3378
3887
|
|
|
3379
|
-
int dtls1_retransmit_outgoing_messages(SSL *ssl);
|
|
3380
3888
|
bool dtls1_parse_fragment(CBS *cbs, struct hm_header_st *out_hdr,
|
|
3381
3889
|
CBS *out_body);
|
|
3382
|
-
bool dtls1_check_timeout_num(SSL *ssl);
|
|
3383
3890
|
|
|
3384
|
-
|
|
3891
|
+
// DTLS1_MTU_TIMEOUTS is the maximum number of retransmit timeouts to expire
|
|
3892
|
+
// before starting to decrease the MTU.
|
|
3893
|
+
#define DTLS1_MTU_TIMEOUTS 2
|
|
3894
|
+
|
|
3895
|
+
// DTLS1_MAX_TIMEOUTS is the maximum number of retransmit timeouts to expire
|
|
3896
|
+
// before failing the DTLS handshake.
|
|
3897
|
+
#define DTLS1_MAX_TIMEOUTS 12
|
|
3898
|
+
|
|
3385
3899
|
void dtls1_stop_timer(SSL *ssl);
|
|
3386
|
-
|
|
3900
|
+
|
|
3387
3901
|
unsigned int dtls1_min_mtu(void);
|
|
3388
3902
|
|
|
3389
3903
|
bool dtls1_new(SSL *ssl);
|
|
3390
3904
|
void dtls1_free(SSL *ssl);
|
|
3391
3905
|
|
|
3906
|
+
bool dtls1_process_handshake_fragments(SSL *ssl, uint8_t *out_alert,
|
|
3907
|
+
DTLSRecordNumber record_number,
|
|
3908
|
+
Span<const uint8_t> record);
|
|
3392
3909
|
bool dtls1_get_message(const SSL *ssl, SSLMessage *out);
|
|
3393
3910
|
ssl_open_record_t dtls1_open_handshake(SSL *ssl, size_t *out_consumed,
|
|
3394
3911
|
uint8_t *out_alert, Span<uint8_t> in);
|
|
@@ -3407,8 +3924,11 @@ bool tls1_configure_aead(SSL *ssl, evp_aead_direction_t direction,
|
|
|
3407
3924
|
|
|
3408
3925
|
bool tls1_change_cipher_state(SSL_HANDSHAKE *hs,
|
|
3409
3926
|
evp_aead_direction_t direction);
|
|
3410
|
-
|
|
3411
|
-
|
|
3927
|
+
|
|
3928
|
+
// tls1_generate_master_secret computes the master secret from |premaster| and
|
|
3929
|
+
// writes it to |out|. |out| must have size |SSL3_MASTER_SECRET_SIZE|.
|
|
3930
|
+
bool tls1_generate_master_secret(SSL_HANDSHAKE *hs, Span<uint8_t> out,
|
|
3931
|
+
Span<const uint8_t> premaster);
|
|
3412
3932
|
|
|
3413
3933
|
// tls1_get_grouplist returns the locally-configured group preference list.
|
|
3414
3934
|
Span<const uint16_t> tls1_get_grouplist(const SSL_HANDSHAKE *ssl);
|
|
@@ -3487,9 +4007,7 @@ bool ssl_can_write(const SSL *ssl);
|
|
|
3487
4007
|
// ssl_can_read returns wheter |ssl| is allowed to read.
|
|
3488
4008
|
bool ssl_can_read(const SSL *ssl);
|
|
3489
4009
|
|
|
3490
|
-
|
|
3491
|
-
void ssl_ctx_get_current_time(const SSL_CTX *ctx,
|
|
3492
|
-
struct OPENSSL_timeval *out_clock);
|
|
4010
|
+
OPENSSL_timeval ssl_ctx_get_current_time(const SSL_CTX *ctx);
|
|
3493
4011
|
|
|
3494
4012
|
// ssl_reset_error_state resets state for |SSL_get_error|.
|
|
3495
4013
|
void ssl_reset_error_state(SSL *ssl);
|
|
@@ -3620,6 +4138,8 @@ struct ssl_ctx_st : public bssl::RefCounted<ssl_ctx_st> {
|
|
|
3620
4138
|
// |client_CA|.
|
|
3621
4139
|
STACK_OF(X509_NAME) *cached_x509_client_CA = nullptr;
|
|
3622
4140
|
|
|
4141
|
+
// What we put in client hello in the CA extension.
|
|
4142
|
+
bssl::UniquePtr<STACK_OF(CRYPTO_BUFFER)> CA_names;
|
|
3623
4143
|
|
|
3624
4144
|
// Default values to use in SSL structures follow (these are copied by
|
|
3625
4145
|
// SSL_new)
|
|
@@ -3729,7 +4249,7 @@ struct ssl_ctx_st : public bssl::RefCounted<ssl_ctx_st> {
|
|
|
3729
4249
|
bssl::UniquePtr<STACK_OF(SRTP_PROTECTION_PROFILE)> srtp_profiles;
|
|
3730
4250
|
|
|
3731
4251
|
// Defined compression algorithms for certificates.
|
|
3732
|
-
bssl::
|
|
4252
|
+
bssl::Vector<bssl::CertCompressionAlg> cert_compression_algs;
|
|
3733
4253
|
|
|
3734
4254
|
// Supported group values inherited by SSL structure
|
|
3735
4255
|
bssl::Array<uint16_t> supported_group_list;
|
|
@@ -3765,9 +4285,9 @@ struct ssl_ctx_st : public bssl::RefCounted<ssl_ctx_st> {
|
|
|
3765
4285
|
int (*legacy_ocsp_callback)(SSL *ssl, void *arg) = nullptr;
|
|
3766
4286
|
void *legacy_ocsp_callback_arg = nullptr;
|
|
3767
4287
|
|
|
3768
|
-
//
|
|
4288
|
+
// compliance_policy limits the set of ciphers that can be selected when
|
|
3769
4289
|
// negotiating a TLS 1.3 connection.
|
|
3770
|
-
enum ssl_compliance_policy_t
|
|
4290
|
+
enum ssl_compliance_policy_t compliance_policy = ssl_compliance_policy_none;
|
|
3771
4291
|
|
|
3772
4292
|
// verify_sigalgs, if not empty, is the set of signature algorithms
|
|
3773
4293
|
// accepted from the peer in decreasing order of preference.
|
|
@@ -3846,9 +4366,6 @@ struct ssl_st {
|
|
|
3846
4366
|
// that instead, and skip the null check.)
|
|
3847
4367
|
bssl::UniquePtr<bssl::SSL_CONFIG> config;
|
|
3848
4368
|
|
|
3849
|
-
// version is the protocol version.
|
|
3850
|
-
uint16_t version = 0;
|
|
3851
|
-
|
|
3852
4369
|
uint16_t max_send_fragment = 0;
|
|
3853
4370
|
|
|
3854
4371
|
// There are 2 BIO's even though they are normally both the same. This is so
|
|
@@ -3874,11 +4391,9 @@ struct ssl_st {
|
|
|
3874
4391
|
// session info
|
|
3875
4392
|
|
|
3876
4393
|
// initial_timeout_duration_ms is the default DTLS timeout duration in
|
|
3877
|
-
// milliseconds. It's used to initialize the timer any time it's restarted.
|
|
3878
|
-
//
|
|
3879
|
-
|
|
3880
|
-
// second.
|
|
3881
|
-
unsigned initial_timeout_duration_ms = 1000;
|
|
4394
|
+
// milliseconds. It's used to initialize the timer any time it's restarted. We
|
|
4395
|
+
// default to RFC 9147's recommendation for real-time applications, 400ms.
|
|
4396
|
+
uint32_t initial_timeout_duration_ms = 400;
|
|
3882
4397
|
|
|
3883
4398
|
// session is the configured session to be offered by the client. This session
|
|
3884
4399
|
// is immutable.
|
|
@@ -3939,17 +4454,14 @@ struct ssl_session_st : public bssl::RefCounted<ssl_session_st> {
|
|
|
3939
4454
|
// session. In TLS 1.3 and up, it is the resumption PSK for sessions handed to
|
|
3940
4455
|
// the caller, but it stores the resumption secret when stored on |SSL|
|
|
3941
4456
|
// objects.
|
|
3942
|
-
uint8_t
|
|
3943
|
-
|
|
4457
|
+
bssl::InplaceVector<uint8_t, SSL_MAX_MASTER_KEY_LENGTH> secret;
|
|
4458
|
+
|
|
4459
|
+
bssl::InplaceVector<uint8_t, SSL_MAX_SSL_SESSION_ID_LENGTH> session_id;
|
|
3944
4460
|
|
|
3945
|
-
// session_id - valid?
|
|
3946
|
-
uint8_t session_id_length = 0;
|
|
3947
|
-
uint8_t session_id[SSL_MAX_SSL_SESSION_ID_LENGTH] = {0};
|
|
3948
4461
|
// this is used to determine whether the session is being reused in
|
|
3949
4462
|
// the appropriate context. It is up to the application to set this,
|
|
3950
4463
|
// via SSL_new
|
|
3951
|
-
uint8_t
|
|
3952
|
-
uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH] = {0};
|
|
4464
|
+
bssl::InplaceVector<uint8_t, SSL_MAX_SID_CTX_LENGTH> sid_ctx;
|
|
3953
4465
|
|
|
3954
4466
|
bssl::UniquePtr<char> psk_identity;
|
|
3955
4467
|
|
|
@@ -4012,8 +4524,7 @@ struct ssl_session_st : public bssl::RefCounted<ssl_session_st> {
|
|
|
4012
4524
|
// original_handshake_hash contains the handshake hash (either SHA-1+MD5 or
|
|
4013
4525
|
// SHA-2, depending on TLS version) for the original, full handshake that
|
|
4014
4526
|
// created a session. This is used by Channel IDs during resumption.
|
|
4015
|
-
uint8_t
|
|
4016
|
-
uint8_t original_handshake_hash_len = 0;
|
|
4527
|
+
bssl::InplaceVector<uint8_t, EVP_MAX_MD_SIZE> original_handshake_hash;
|
|
4017
4528
|
|
|
4018
4529
|
uint32_t ticket_lifetime_hint = 0; // Session lifetime hint in seconds
|
|
4019
4530
|
|
|
@@ -4073,7 +4584,7 @@ struct ssl_session_st : public bssl::RefCounted<ssl_session_st> {
|
|
|
4073
4584
|
struct ssl_ech_keys_st : public bssl::RefCounted<ssl_ech_keys_st> {
|
|
4074
4585
|
ssl_ech_keys_st() : RefCounted(CheckSubClass()) {}
|
|
4075
4586
|
|
|
4076
|
-
bssl::
|
|
4587
|
+
bssl::Vector<bssl::UniquePtr<bssl::ECHServerConfig>> configs;
|
|
4077
4588
|
|
|
4078
4589
|
private:
|
|
4079
4590
|
friend RefCounted;
|